65 lines
1.6 KiB
Elixir
65 lines
1.6 KiB
Elixir
defmodule EventosWeb.Guardian do
|
|
use Guardian, otp_app: :eventos, permissions: %{
|
|
superuser: [:moderate, :super],
|
|
user: [:base]
|
|
}
|
|
|
|
import Logger
|
|
|
|
alias Eventos.Accounts
|
|
alias Eventos.Accounts.{Account, User}
|
|
|
|
def subject_for_token(user = %User{}, _claims) do
|
|
{:ok, "User:" <> to_string(user.id)}
|
|
end
|
|
|
|
def subject_for_token(_, _) do
|
|
{:error, :unknown_resource}
|
|
end
|
|
|
|
def resource_from_claims(%{"sub" => "User:" <> uid_str}) do
|
|
try do
|
|
Logger.debug("Inspecting resource token")
|
|
Logger.debug(inspect uid_str)
|
|
case Integer.parse(uid_str) do
|
|
{uid, ""} ->
|
|
{:ok, Accounts.get_user_with_account!(uid)}
|
|
_ ->
|
|
{:error, :invalid_id}
|
|
end
|
|
rescue
|
|
Ecto.NoResultsError -> {:error, :no_result}
|
|
end
|
|
end
|
|
|
|
def resource_from_claims(claims) do
|
|
Logger.debug("Check bad resource")
|
|
Logger.debug(inspect claims)
|
|
{:error, :reason_for_error}
|
|
end
|
|
|
|
def after_encode_and_sign(resource, claims, token, _options) do
|
|
with {:ok, _} <- Guardian.DB.after_encode_and_sign(resource, claims["typ"], claims, token) do
|
|
{:ok, token}
|
|
end
|
|
end
|
|
|
|
def on_verify(claims, token, _options) do
|
|
Logger.debug(inspect claims)
|
|
with {:ok, _} <- Guardian.DB.on_verify(claims, token) do
|
|
{:ok, claims}
|
|
end
|
|
end
|
|
|
|
def on_revoke(claims, token, _options) do
|
|
with {:ok, _} <- Guardian.DB.on_revoke(claims, token) do
|
|
{:ok, claims}
|
|
end
|
|
end
|
|
|
|
# def build_claims(claims, _resource, opts) do
|
|
# claims = claims
|
|
# |> encode_permissions_into_claims!(Keyword.get(opts, :permissions))
|
|
# {:ok, claims}
|
|
# end
|
|
end |