Merge pull request #4 from inaka/cabol.111223616.auth_plug
- Added authentication plug.
Showing
14 changed files
with
296 additions
and
26 deletions.
This file was deleted.
@@ -0,0 +1,68 @@ | ||
defmodule CredoServer.RepositoryControllerTest do | ||
use CredoServer.ConnCase | ||
|
||
alias CredoServer.Repository | ||
|
||
@valid_attrs %{ | ||
full_name: "some content", | ||
github_id: 42, | ||
html_url: "some content", | ||
name: "some content", | ||
private: true, | ||
status: "some content" | ||
} | ||
@invalid_attrs %{} | ||
|
||
setup do | ||
conn = conn() |> put_req_header("accept", "application/json") | ||
{:ok, conn: conn} | ||
end | ||
|
||
test "lists all entries on index", %{conn: conn} do | ||
conn = get conn, repository_path(conn, :index) | ||
assert json_response(conn, 200)["data"] == [] | ||
end | ||
|
||
test "shows chosen resource", %{conn: conn} do | ||
repository = Repo.insert! %Repository{} | ||
conn = get conn, repository_path(conn, :show, repository) | ||
assert json_response(conn, 200)["data"] == %{"id" => repository.id} | ||
end | ||
|
||
test "does not show resource and instead throw error when id is nonexistent", %{conn: conn} do | ||
assert_raise Ecto.NoResultsError, fn -> | ||
get conn, repository_path(conn, :show, -1) | ||
end | ||
end | ||
|
||
test "creates and renders resource when data is valid", %{conn: conn} do | ||
conn = post conn, repository_path(conn, :create), repository: @valid_attrs | ||
assert json_response(conn, 201)["data"]["id"] | ||
assert Repo.get_by(Repository, @valid_attrs) | ||
end | ||
|
||
test "does not create resource and renders errors when data is invalid", %{conn: conn} do | ||
conn = post conn, repository_path(conn, :create), repository: @invalid_attrs | ||
assert json_response(conn, 422)["errors"] != %{} | ||
end | ||
|
||
test "updates and renders chosen resource when data is valid", %{conn: conn} do | ||
repository = Repo.insert! %Repository{} | ||
conn = put conn, repository_path(conn, :update, repository), repository: @valid_attrs | ||
assert json_response(conn, 200)["data"]["id"] | ||
assert Repo.get_by(Repository, @valid_attrs) | ||
end | ||
|
||
test "does not update chosen resource and renders errors when data is invalid", %{conn: conn} do | ||
repository = Repo.insert! %Repository{} | ||
conn = put conn, repository_path(conn, :update, repository), repository: @invalid_attrs | ||
assert json_response(conn, 422)["errors"] != %{} | ||
end | ||
|
||
test "deletes chosen resource", %{conn: conn} do | ||
repository = Repo.insert! %Repository{} | ||
conn = delete conn, repository_path(conn, :delete, repository) | ||
assert response(conn, 204) | ||
refute Repo.get(Repository, repository.id) | ||
end | ||
end |
@@ -0,0 +1,57 @@ | ||
defmodule CredoServer.RepositoryController do | ||
use CredoServer.Web, :controller | ||
|
||
alias CredoServer.Repository | ||
|
||
plug :scrub_params, "repository" when action in [:create, :update] | ||
|
||
def index(conn, _params) do | ||
repositories = Repo.all(Repository) | ||
render(conn, "index.json", repositories: repositories) | ||
end | ||
|
||
def create(conn, %{"repository" => repository_params}) do | ||
changeset = Repository.changeset(%Repository{}, repository_params) | ||
|
||
case Repo.insert(changeset) do | ||
{:ok, repository} -> | ||
conn | ||
|> put_status(:created) | ||
|> put_resp_header("location", repository_path(conn, :show, repository)) | ||
|> render("show.json", repository: repository) | ||
{:error, changeset} -> | ||
conn | ||
|> put_status(:unprocessable_entity) | ||
|> render(CredoServer.ChangesetView, "error.json", changeset: changeset) | ||
end | ||
end | ||
|
||
def show(conn, %{"id" => id}) do | ||
repository = Repo.get!(Repository, id) | ||
render(conn, "show.json", repository: repository) | ||
end | ||
|
||
def update(conn, %{"id" => id, "repository" => repository_params}) do | ||
repository = Repo.get!(Repository, id) | ||
changeset = Repository.changeset(repository, repository_params) | ||
|
||
case Repo.update(changeset) do | ||
{:ok, repository} -> | ||
render(conn, "show.json", repository: repository) | ||
{:error, changeset} -> | ||
conn | ||
|> put_status(:unprocessable_entity) | ||
|> render(CredoServer.ChangesetView, "error.json", changeset: changeset) | ||
end | ||
end | ||
|
||
def delete(conn, %{"id" => id}) do | ||
repository = Repo.get!(Repository, id) | ||
|
||
# Here we use delete! (with a bang) because we expect | ||
# it to always work (and if it does not, it will raise). | ||
Repo.delete!(repository) | ||
|
||
send_resp(conn, :no_content, "") | ||
end | ||
end |
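Review bot: None of the actions in this controller is gated by the new authentication: the module declares `plug :scrub_params` but no `plug :authenticate`, and `CredoServer.Plug.Auth.call/2` only assigns `:user`, so `create`, `update` and `delete` appear reachable without a valid token. The controller tests in this commit send no `token` cookie and still expect 200/201/204, which is consistent with that. Unless `use CredoServer.Web, :controller` (not shown) already wires it in, add `use CredoServer.Plug.Auth` and `plug :authenticate when action in [:create, :update, :delete]` (or cover every action), together with a test asserting a 401 when the cookie is absent.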
@@ -0,0 +1,78 @@ | ||
defmodule CredoServer.Plug.Auth do | ||
@moduledoc """ | ||
A Plug to authenticate HTTP requests. | ||
## Examples | ||
CredoServer.Plug.Auth.call(conn, []) | ||
""" | ||
|
||
@behaviour Plug | ||
|
||
import Plug.Conn | ||
require Logger | ||
alias CredoServer.Repo | ||
alias CredoServer.User | ||
|
||
## Plug callbacks | ||
|
||
def init(opts) do | ||
opts | ||
end | ||
|
||
def call(conn, _opts) do | ||
case get_token(conn) do | ||
nil -> | ||
assign(conn, :user, nil) | ||
token -> | ||
user = User.find_by_auth_token(token) | ||
assign(conn, :user, user) | ||
end | ||
end | ||
|
||
## Private functions | ||
|
||
defp get_token(conn) do | ||
new_conn = fetch_cookies conn | ||
new_conn.req_cookies["token"] | ||
end | ||
|
||
@doc """ | ||
Authentication macro. This macro contains a function-based plug | ||
to be used in the controllers in order to be able to authenticate | ||
the HTTP request in each controller. | ||
## Example | ||
defmodule CredoServer.TestController do | ||
use CredoServer.Web, :controller | ||
import CredoServer.Router.Helpers | ||
plug :authenticate when action in [:show] | ||
def show(conn, _opts) do | ||
# logic | ||
end | ||
end | ||
""" | ||
defmacro __using__(opts) do | ||
quote bind_quoted: [opts: opts] do | ||
|
||
def init(opts) do | ||
opts | ||
end | ||
|
||
def authenticate(conn, _opts) do | ||
if conn.assigns.user do | ||
conn | ||
else | ||
conn | ||
|> send_resp(401, "UNAUTHORIZED") | ||
|> halt() | ||
end | ||
end | ||
|
||
defoverridable [init: 1, authenticate: 2] | ||
end | ||
end | ||
end |
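Review bot: `call/2` never halts: a missing `token` cookie yields `assign(conn, :user, nil)` and whatever `User.find_by_auth_token/1` returns is assigned as-is, so enforcement depends entirely on each controller remembering `plug :authenticate`; the `@moduledoc` should state that this plug only identifies the user and does not reject requests. In the injected `authenticate/2`, `conn.assigns.user` raises a KeyError when this plug is not in the route's pipeline, whereas `if conn.assigns[:user] do` would answer with the 401 instead of a 500. The `def init(opts)` inside the `quote` is not needed for a function plug and is injected into every module that uses this one, where it may clash with an `init/1` the controller already has; consider dropping it from the quote and from `defoverridable`.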
@@ -1,21 +1,16 @@ | ||
defmodule CredoServer.Router do | ||
use CredoServer.Web, :router | ||
|
||
pipeline :browser do | ||
plug :accepts, ["html"] | ||
plug :fetch_session | ||
plug :fetch_flash | ||
plug :protect_from_forgery | ||
plug :put_secure_browser_headers | ||
end | ||
|
||
pipeline :api do | ||
plug :accepts, ["json"] | ||
plug CredoServer.Plug.Auth | ||
end | ||
|
||
scope "/", CredoServer do | ||
pipe_through :browser # Use the default browser stack | ||
pipe_through :api | ||
|
||
resources "/repos", RepositoryController | ||
|
||
get "/", PageController, :index | ||
get "/test", TestController, :show | ||
end | ||
end |
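Review bot: With `plug CredoServer.Plug.Auth` in `:api`, the auth token is an ambient cookie, while `protect_from_forgery` exists only in the `:browser` pipeline. The +/- markers are lost in this rendering, but the 21 to 16 line count suggests the scope now pipes through `:api` alone, which would leave POST/PUT/DELETE on `resources "/repos"` with cookie authentication and no CSRF check. Either read the token from a request header in the plug, e.g. `get_req_header(conn, "authorization")`, or keep a forgery check in front of the state-changing routes. A short comment on `pipeline :api` saying which of the two is intended would help the next reader.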
@@ -0,0 +1,9 @@ | ||
defmodule CredoServer.ChangesetView do | ||
use CredoServer.Web, :view | ||
|
||
def render("error.json", %{changeset: changeset}) do | ||
# When encoded, the changeset returns its errors | ||
# as a JSON object. So we just pass it forward. | ||
%{errors: changeset} | ||
end | ||
end |
@@ -0,0 +1,15 @@ | ||
defmodule CredoServer.RepositoryView do | ||
use CredoServer.Web, :view | ||
|
||
def render("index.json", %{repositories: repositories}) do | ||
%{data: render_many(repositories, CredoServer.RepositoryView, "repository.json")} | ||
end | ||
|
||
def render("show.json", %{repository: repository}) do | ||
%{data: render_one(repository, CredoServer.RepositoryView, "repository.json")} | ||
end | ||
|
||
def render("repository.json", %{repository: repository}) do | ||
%{id: repository.id} | ||
end | ||
end |