2019-11-13 04:12:46 +01:00
|
|
|
defmodule PhilomenaWeb.Session.TotpController do
|
|
|
|
|
use PhilomenaWeb, :controller
|
|
|
|
|
|
2019-12-20 22:29:29 +01:00
|
|
|
alias PhilomenaWeb.LayoutView
|
2019-11-13 04:12:46 +01:00
|
|
|
alias Philomena.Users.User
|
|
|
|
|
alias Philomena.Repo
|
|
|
|
|
|
|
|
|
|
def new(conn, _params) do
|
|
|
|
|
changeset = Pow.Plug.change_user(conn)
|
|
|
|
|
|
2019-12-20 22:29:29 +01:00
|
|
|
render(conn, "new.html", layout: {LayoutView, "two_factor.html"}, changeset: changeset)
|
2019-11-13 04:12:46 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def create(conn, params) do
|
|
|
|
|
conn
|
|
|
|
|
|> Pow.Plug.current_user()
|
|
|
|
|
|> User.consume_totp_token_changeset(params)
|
|
|
|
|
|> Repo.update()
|
|
|
|
|
|> case do
|
|
|
|
|
{:error, _changeset} ->
|
2019-11-13 21:12:35 +01:00
|
|
|
{:ok, conn} =
|
|
|
|
|
conn
|
|
|
|
|
|> Pow.Plug.clear_authenticated_user()
|
|
|
|
|
|
2019-11-13 04:12:46 +01:00
|
|
|
conn
|
|
|
|
|
|> put_flash(:error, "Sorry, invalid TOTP token entered. Please sign in again.")
|
|
|
|
|
|> redirect(to: Routes.pow_session_path(conn, :new))
|
|
|
|
|
|
|
|
|
|
{:ok, user} ->
|
|
|
|
|
conn
|
2019-11-17 19:18:21 +01:00
|
|
|
|> PhilomenaWeb.TotpPlug.update_valid_totp_at_for_session(user)
|
2019-11-13 04:12:46 +01:00
|
|
|
|> redirect(to: "/")
|
|
|
|
|
end
|
|
|
|
|
end
|
2019-12-16 20:24:38 +01:00
|
|
|
end
|
