philomena/lib/philomena_web/controllers/registration/totp_controller.ex

56 lines
1.5 KiB
Elixir
Raw Permalink Normal View History

2019-11-13 04:12:46 +01:00
defmodule PhilomenaWeb.Registration.TotpController do
use PhilomenaWeb, :controller
alias PhilomenaWeb.UserAuth
2019-11-13 04:12:46 +01:00
alias Philomena.Users.User
alias Philomena.Users
2019-11-13 04:12:46 +01:00
alias Philomena.Repo
def edit(conn, _params) do
user = conn.assigns.current_user
case user.encrypted_otp_secret do
nil ->
user
|> User.create_totp_secret_changeset()
|> Repo.update()
# Redirect to have the conn pick up the changes
2019-11-13 04:12:46 +01:00
redirect(conn, to: Routes.registration_totp_path(conn, :edit))
_ ->
changeset = Users.change_user(user)
2019-11-13 05:49:37 +01:00
secret = User.totp_secret(user)
qrcode = User.totp_qrcode(user)
2020-01-11 05:20:19 +01:00
render(conn, "edit.html",
title: "Two-Factor Authentication",
changeset: changeset,
totp_secret: secret,
totp_qrcode: qrcode
)
2019-11-13 04:12:46 +01:00
end
end
def update(conn, params) do
backup_codes = User.random_backup_codes()
user = conn.assigns.current_user
2019-11-13 04:12:46 +01:00
2019-11-13 05:49:37 +01:00
user
2019-11-13 04:12:46 +01:00
|> User.totp_changeset(params, backup_codes)
|> Repo.update()
|> case do
{:error, changeset} ->
2019-11-13 05:49:37 +01:00
secret = User.totp_secret(user)
qrcode = User.totp_qrcode(user)
render(conn, "edit.html", changeset: changeset, totp_secret: secret, totp_qrcode: qrcode)
2020-01-11 05:20:19 +01:00
2019-11-13 04:12:46 +01:00
{:ok, user} ->
conn
|> UserAuth.totp_auth_user(user, %{})
2019-11-13 04:12:46 +01:00
|> put_flash(:totp_backup_codes, backup_codes)
|> redirect(to: Routes.registration_totp_path(conn, :edit))
end
end
2019-12-16 20:24:38 +01:00
end