pim/architex
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Implement logout and logout/all endpoints

Browse source
This commit is contained in:
Pim Kunis 2021-06-27 22:24:54 +02:00
parent 5fe604c5a2
commit c7672a1bd9
6 changed files with 57 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
lib/matrix_server/account.ex
View file

@ -47,12 +47,11 @@ defmodule MatrixServer.Account do
|> Multi.run(:device_with_access_token, &Device.insert_new_access_token/2) |> Multi.run(:device_with_access_token, &Device.insert_new_access_token/2)
end end
def get_by_access_token(access_token) do def by_access_token(access_token) do
from(a in Account, Device
join: d in assoc(a, :devices), |> where([d], d.access_token == ^access_token)
where: d.access_token == ^access_token, |> join(:inner, [d], a in assoc(d, :account))
preload: [devices: d] |> select([d, a], {a, d})
)
|> Repo.one() |> Repo.one()
end end

25
lib/matrix_server/device.ex
View file

@ -1,7 +1,9 @@
defmodule MatrixServer.Device do defmodule MatrixServer.Device do
use Ecto.Schema use Ecto.Schema
import Ecto.Changeset
alias MatrixServer.{Account, Device} import Ecto.{Changeset, Query}
alias MatrixServer.{Account, Device, Repo}
@primary_key false @primary_key false
schema "devices" do schema "devices" do
@ -45,4 +47,23 @@ defmodule MatrixServer.Device do
"#{localpart}_#{time_string}" "#{localpart}_#{time_string}"
end end
def login(account, device_id, access_token, params) do
update_query =
from(d in Device)
|> update(set: [access_token: ^access_token, device_id: ^device_id])
update_query =
if params[:display_name] != nil do
update(update_query, set: [display_name: ^params.display_name])
else
update_query
end
Ecto.build_assoc(account, :devices)
|> Map.put(:device_id, device_id)
|> Map.put(:access_token, access_token)
|> Device.changeset(params)
|> Repo.insert(on_conflict: update_query, conflict_target: [:localpart, :device_id])
end
end end

22
lib/matrix_server_web/controllers/account_controller.ex
View file

@ -4,7 +4,7 @@ defmodule MatrixServerWeb.AccountController do
import MatrixServer import MatrixServer
import MatrixServerWeb.Plug.Error import MatrixServerWeb.Plug.Error
alias MatrixServer.Account alias MatrixServer.{Account, Repo}
alias Plug.Conn alias Plug.Conn
def available(conn, params) do def available(conn, params) do
@ -28,4 +28,24 @@ defmodule MatrixServerWeb.AccountController do
|> put_status(200) |> put_status(200)
|> json(data) |> json(data)
end end
def logout(%Conn{assigns: %{device: device}} = conn, _params) do
case Repo.delete(device) do
{:ok, _} ->
conn
|> put_status(200)
|> json(%{})
{:error, _} ->
put_error(conn, :unknown)
end
end
def logout_all(%Conn{assigns: %{account: account}} = conn, _params) do
Repo.delete_all(Ecto.assoc(account, :devices))
conn
|> put_status(200)
|> json(%{})
end
end end

27
lib/matrix_server_web/controllers/auth_controller.ex
View file

@ -130,30 +130,9 @@ defmodule MatrixServerWeb.AuthController do
device_id = Map.get(params, :device_id, Device.generate_device_id(localpart)) device_id = Map.get(params, :device_id, Device.generate_device_id(localpart))
access_token = Device.generate_access_token(localpart, device_id) access_token = Device.generate_access_token(localpart, device_id)
update_query = case Device.login(account, device_id, access_token, params) do
from(d in Device) {:ok, device} -> device
|> update(set: [access_token: ^access_token, device_id: ^device_id]) {:error, _cs} -> repo.rollback(:forbidden)
update_query =
if params[:display_name] != nil do
update(update_query, set: [display_name: ^params.display_name])
else
update_query
end
result =
Ecto.build_assoc(account, :devices)
|> Map.put(:device_id, device_id)
|> Map.put(:access_token, access_token)
|> Device.changeset(params)
|> repo.insert(on_conflict: update_query, conflict_target: [:localpart, :device_id])
case result do
{:ok, device} ->
device
{:error, _cs} ->
repo.rollback(:forbidden)
end end
else else
repo.rollback(:forbidden) repo.rollback(:forbidden)

4
lib/matrix_server_web/plug/authenticate.ex
View file

@ -22,8 +22,8 @@ defmodule MatrixServerWeb.Plug.Authenticate do
end end
defp authenticate(conn, access_token) do defp authenticate(conn, access_token) do
case Account.get_by_access_token(access_token) do case Account.by_access_token(access_token) do
%Account{devices: [device]} = account -> {account, device} ->
conn conn
|> assign(:account, account) |> assign(:account, account)
|> assign(:device, device) |> assign(:device, device)

4
lib/matrix_server_web/router.ex
View file

@ -17,9 +17,9 @@ defmodule MatrixServerWeb.Router do
scope "/client/r0", as: :client do scope "/client/r0", as: :client do
post "/register", AuthController, :register post "/register", AuthController, :register
get "/register/available", AccountController, :available
get "/login", AuthController, :login_types get "/login", AuthController, :login_types
post "/login", AuthController, :login post "/login", AuthController, :login
get "/register/available", AccountController, :available
end end
get "/client/versions", InfoController, :versions get "/client/versions", InfoController, :versions
@ -30,6 +30,8 @@ defmodule MatrixServerWeb.Router do
scope "/client/r0", as: :client do scope "/client/r0", as: :client do
get "/account/whoami", AccountController, :whoami get "/account/whoami", AccountController, :whoami
post "/logout", AccountController, :logout
post "/logout/all", AccountController, :logout_all
end end
end end