Stage 3.4
This commit is contained in:
@@ -9,41 +9,54 @@ init(Req, Opts) ->
|
||||
handle(Req, _Opts) ->
|
||||
case cowboy_req:method(Req) of
|
||||
<<"POST">> ->
|
||||
{ok, Body, Req1} = cowboy_req:read_body(Req),
|
||||
case jsx:decode(Body, [return_maps]) of
|
||||
#{<<"email">> := Email, <<"password">> := Password} ->
|
||||
case core_user:get_by_email(Email) of
|
||||
{ok, User} ->
|
||||
case logic_auth:verify_password(Password, User#user.password_hash) of
|
||||
{ok, true} ->
|
||||
case User#user.status of
|
||||
active ->
|
||||
Token = logic_auth:generate_jwt(User#user.id, User#user.role),
|
||||
{RefreshToken, ExpiresAt} = logic_auth:generate_refresh_token(User#user.id),
|
||||
save_refresh_token(User#user.id, RefreshToken, ExpiresAt),
|
||||
Response = #{
|
||||
user => #{
|
||||
id => User#user.id,
|
||||
email => User#user.email,
|
||||
role => User#user.role
|
||||
},
|
||||
token => Token,
|
||||
refresh_token => RefreshToken
|
||||
},
|
||||
send_json(Req1, 200, Response);
|
||||
frozen ->
|
||||
send_error(Req1, 403, <<"Account frozen">>);
|
||||
deleted ->
|
||||
send_error(Req1, 403, <<"Account deleted">>)
|
||||
case cowboy_req:has_body(Req) of
|
||||
true ->
|
||||
{ok, Body, Req1} = cowboy_req:read_body(Req),
|
||||
case Body of
|
||||
<<>> ->
|
||||
send_error(Req1, 400, <<"Empty request body">>);
|
||||
_ ->
|
||||
try jsx:decode(Body, [return_maps]) of
|
||||
#{<<"email">> := Email, <<"password">> := Password} ->
|
||||
case core_user:get_by_email(Email) of
|
||||
{ok, User} ->
|
||||
case logic_auth:verify_password(Password, User#user.password_hash) of
|
||||
{ok, true} ->
|
||||
case User#user.status of
|
||||
active ->
|
||||
Token = logic_auth:generate_jwt(User#user.id, User#user.role),
|
||||
{RefreshToken, ExpiresAt} = logic_auth:generate_refresh_token(User#user.id),
|
||||
save_refresh_token(User#user.id, RefreshToken, ExpiresAt),
|
||||
Response = #{
|
||||
user => #{
|
||||
id => User#user.id,
|
||||
email => User#user.email,
|
||||
role => User#user.role
|
||||
},
|
||||
token => Token,
|
||||
refresh_token => RefreshToken
|
||||
},
|
||||
send_json(Req1, 200, Response);
|
||||
frozen ->
|
||||
send_error(Req1, 403, <<"Account frozen">>);
|
||||
deleted ->
|
||||
send_error(Req1, 403, <<"Account deleted">>)
|
||||
end;
|
||||
_ ->
|
||||
send_error(Req1, 401, <<"Invalid credentials">>)
|
||||
end;
|
||||
{error, not_found} ->
|
||||
send_error(Req1, 401, <<"Invalid credentials">>)
|
||||
end;
|
||||
_ ->
|
||||
send_error(Req1, 401, <<"Invalid credentials">>)
|
||||
end;
|
||||
{error, not_found} ->
|
||||
send_error(Req1, 401, <<"Invalid credentials">>)
|
||||
send_error(Req1, 400, <<"Missing email or password">>)
|
||||
catch
|
||||
_:_ ->
|
||||
send_error(Req1, 400, <<"Invalid JSON">>)
|
||||
end
|
||||
end;
|
||||
_ ->
|
||||
send_error(Req1, 400, <<"Invalid request body">>)
|
||||
false ->
|
||||
send_error(Req, 400, <<"Missing request body">>)
|
||||
end;
|
||||
_ ->
|
||||
send_error(Req, 405, <<"Method not allowed">>)
|
||||
|
||||
Reference in New Issue
Block a user