From d16f164f4dbc1346831fd6f358a4479fccc7b94b Mon Sep 17 00:00:00 2001 From: Mike Cifelli <26522946+macifell@users.noreply.github.com> Date: Fri, 8 Dec 2023 16:19:45 -0500 Subject: [PATCH 1/2] Redirect bc user already logged in --- lib/recognizer_web/authentication.ex | 31 ++++++------------- .../accounts/user_registration_controller.ex | 6 ---- .../accounts/user_session_controller.ex | 20 +++--------- .../accounts/user_settings_controller.ex | 6 ---- .../controllers/fallback_controller.ex | 2 +- lib/recognizer_web/router.ex | 24 +++++++++++--- 6 files changed, 35 insertions(+), 54 deletions(-) diff --git a/lib/recognizer_web/authentication.ex b/lib/recognizer_web/authentication.ex index b7199c2..2cb9e4a 100644 --- a/lib/recognizer_web/authentication.ex +++ b/lib/recognizer_web/authentication.ex @@ -32,27 +32,13 @@ defmodule RecognizerWeb.Authentication do |> redirect(to: Routes.prompt_two_factor_path(conn, :new)) {:ok, _user} -> - if BigCommerce.enabled?() && get_session(conn, :bc) do - log_in_bc_user(conn, user, params) - else - redirect_opts = login_redirect(conn) - - conn - |> clear_session() - |> Guardian.Plug.sign_in(user, params) - |> redirect(redirect_opts) - end - end - end - - defp log_in_bc_user(conn, user, params) do - jwt = BigCommerce.generate_login_jwt(user) + redirect_opts = login_redirect(conn, user) - conn - |> clear_session() - |> Guardian.Plug.sign_in(user, params) - |> put_session(:bc, true) - |> redirect(external: BigCommerce.login_redirect_uri(jwt)) + conn + |> clear_session() + |> Guardian.Plug.sign_in(user, params) + |> redirect(redirect_opts) + end end @doc """ 
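Review bot: In the `{:ok, _user}` branch the BigCommerce path no longer re-adds `:bc` after `clear_session()`, so the flag is gone from the session once sign-in completes, whereas the removed `log_in_bc_user/3` restored it with `put_session(:bc, true)`. If later requests are expected to see the flag without a fresh `bc=true` query parameter (the settings and logout controllers read `get_session(conn, :bc)`), that behaviour change should be confirmed. The statement order is also load-bearing now: `login_redirect(conn, user)` reads `:bc` and `:user_return_to`, so it must run before `clear_session()`, and I would add `# Compute the redirect first: clear_session/1 drops :bc and :user_return_to.` above it. The enclosing function starts outside the hunk.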
@@ -96,8 +82,11 @@ defmodule RecognizerWeb.Authentication do @doc """ The URL to redirect the user to after authentication is done. """ - def login_redirect(conn) do + def login_redirect(conn, user) do cond do + get_session(conn, :bc) -> + [external: user |> BigCommerce.generate_login_jwt() |> BigCommerce.login_redirect_uri()] + get_session(conn, :user_return_to) -> [to: get_session(conn, :user_return_to)] diff --git a/lib/recognizer_web/controllers/accounts/user_registration_controller.ex b/lib/recognizer_web/controllers/accounts/user_registration_controller.ex index e33383a..7f5d703 100644 --- a/lib/recognizer_web/controllers/accounts/user_registration_controller.ex +++ b/lib/recognizer_web/controllers/accounts/user_registration_controller.ex @@ -14,12 +14,6 @@ defmodule RecognizerWeb.Accounts.UserRegistrationController do ] when action in [:create] - def new(conn, %{"bc" => "true"} = params) do - conn - |> put_session(:bc, true) - |> new(Map.drop(params, ["bc"])) - end - def new(conn, params) do user_params = Map.get(params, "user", %{}) changeset = Accounts.change_user_registration(%User{}, user_params) diff --git a/lib/recognizer_web/controllers/accounts/user_session_controller.ex b/lib/recognizer_web/controllers/accounts/user_session_controller.ex index 704f8c1..4fabfbe 100644 --- a/lib/recognizer_web/controllers/accounts/user_session_controller.ex +++ b/lib/recognizer_web/controllers/accounts/user_session_controller.ex @@ -4,12 +4,6 @@ defmodule RecognizerWeb.Accounts.UserSessionController do alias Recognizer.Accounts alias RecognizerWeb.Authentication - def new(conn, %{"bc" => "true"}) do - conn - |> put_session(:bc, true) - |> render("new.html", error_message: nil) - end - def new(conn, _params) do render(conn, "new.html", error_message: nil) end 
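Review bot: The new `get_session(conn, :bc)` clause in `login_redirect/2` is no longer paired with `BigCommerce.enabled?()`, which the removed branch in the sign-in path checked at login time, so a session that still carries `:bc` would get a login JWT and an off-site redirect even with the integration switched off. I would write the clause as `get_session(conn, :bc) && BigCommerce.enabled?() ->`. The clause also takes precedence over `:user_return_to` and is reached from `FallbackController.auth_error/3` with `Authentication.fetch_current_user(conn)`; that function's definition is not visible here, so if it can return `nil` on that path the token generation will fail and a guard is warranted. The `@doc` should state that `user` is required and that the result may be `[external: url]` with a login token embedded in the URL. The `cond` continues outside the hunk.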
@@ -39,15 +33,11 @@ defmodule RecognizerWeb.Accounts.UserSessionController do end end - def delete(conn, %{"bc" => "true"}) do - conn - |> put_session(:bc, true) - |> Authentication.log_out_user() - end - def delete(conn, _params) do - conn - |> Authentication.conditional_flash(:info, "Logged out successfully.") - |> Authentication.log_out_user() + if !get_session(conn, :bc) do + Authentication.conditional_flash(conn, :info, "Logged out successfully.") + end + + Authentication.log_out_user(conn) end end diff --git a/lib/recognizer_web/controllers/accounts/user_settings_controller.ex b/lib/recognizer_web/controllers/accounts/user_settings_controller.ex index a5e27fd..3e604a0 100644 --- a/lib/recognizer_web/controllers/accounts/user_settings_controller.ex +++ b/lib/recognizer_web/controllers/accounts/user_settings_controller.ex @@ -6,12 +6,6 @@ defmodule RecognizerWeb.Accounts.UserSettingsController do plug :assign_email_and_password_changesets - def edit(conn, %{"bc" => "true"}) do - conn - |> put_session(:bc, true) - |> edit(%{}) - end - def edit(conn, _params) do cond do get_session(conn, :bc) -> diff --git a/lib/recognizer_web/controllers/fallback_controller.ex b/lib/recognizer_web/controllers/fallback_controller.ex index 6309622..8a3d4b3 100644 --- a/lib/recognizer_web/controllers/fallback_controller.ex +++ b/lib/recognizer_web/controllers/fallback_controller.ex @@ -8,7 +8,7 @@ defmodule RecognizerWeb.FallbackController do @impl Guardian.Plug.ErrorHandler def auth_error(conn, {:already_authenticated, _reason}, _) do conn - |> redirect(Authentication.login_redirect(conn)) + |> redirect(Authentication.login_redirect(conn, Authentication.fetch_current_user(conn))) |> halt() end diff --git a/lib/recognizer_web/router.ex b/lib/recognizer_web/router.ex index 3bef161..31bf9e8 100644 --- a/lib/recognizer_web/router.ex +++ b/lib/recognizer_web/router.ex 
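Review bot: In `delete/2` the value returned by `Authentication.conditional_flash/3` inside the `if` is discarded, so the "Logged out successfully." flash never reaches the conn passed to `Authentication.log_out_user/1`; the removed version piped the conn through it. Rebind the result before logging out, e.g. `conn = if get_session(conn, :bc), do: conn, else: Authentication.conditional_flash(conn, :info, "Logged out successfully.")`, and keep `Authentication.log_out_user(conn)` as the last expression. A test asserting the flash on a non-BigCommerce logout would catch this.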
@@ -29,8 +29,22 @@ defmodule RecognizerWeb.Router do plug Guardian.Plug.EnsureNotAuthenticated end + pipeline :bc do + plug :add_bc_to_session + end + + defp add_bc_to_session(%{query_params: %{"bc" => "true"}} = conn, _opts) do + if Recognizer.BigCommerce.enabled?() do + put_session(conn, :bc, true) + end + end + + defp add_bc_to_session(conn, _opts) do + conn + end + scope "/", RecognizerWeb do - pipe_through :browser + pipe_through [:bc, :browser] get "/", HomepageController, :index @@ -56,7 +70,7 @@ defmodule RecognizerWeb.Router do end scope "/", RecognizerWeb.OauthProvider, as: :oauth do - pipe_through [:browser, :auth, :user] + pipe_through [:browser, :bc, :auth, :user] get "/oauth/authorize", AuthorizeController, :new get "/oauth/authorize/:code", AuthorizeController, :show @@ -65,7 +79,7 @@ defmodule RecognizerWeb.Router do end scope "/", RecognizerWeb.Accounts do - pipe_through [:browser, :auth, :guest] + pipe_through [:browser, :bc, :auth, :guest] get "/create-account", UserRegistrationController, :new post "/create-account", UserRegistrationController, :create @@ -90,7 +104,7 @@ defmodule RecognizerWeb.Router do end scope "/", RecognizerWeb.Accounts.Prompt, as: :prompt do - pipe_through [:browser, :auth, :guest] + pipe_through [:browser, :bc, :auth, :guest] get "/prompt/update-password", PasswordChangeController, :edit put "/prompt/update-password", PasswordChangeController, :update @@ -105,7 +119,7 @@ defmodule RecognizerWeb.Router do end scope "/", RecognizerWeb.Accounts do - pipe_through [:browser, :auth, :user] + pipe_through [:browser, :bc, :auth, :user] get "/settings", UserSettingsController, :edit put "/settings", UserSettingsController, :update From 4668765506d055c3ddeef8d6ae8ebd8525ca8a3d Mon Sep 17 00:00:00 2001 
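Review bot: `add_bc_to_session/2` returns `nil` when `bc=true` is present but `Recognizer.BigCommerce.enabled?()` is false, because the `if` has no `else`; a plug must return the conn, so that request would fail instead of passing through. Use `if Recognizer.BigCommerce.enabled?(), do: put_session(conn, :bc, true), else: conn`. The first scope also pipes `[:bc, :browser]` while every other scope uses `[:browser, :bc, ...]`; assuming `:browser` is where the session is fetched (its definition is outside this hunk), `put_session/3` would run on an unfetched session there, so it should read `pipe_through [:browser, :bc]`. Since any visitor can supply the query parameter, a short comment on the plug saying that `:bc` is caller-controlled and only selects a redirect target would help the next reader.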
From: Mike Cifelli <26522946+macifell@users.noreply.github.com> Date: Fri, 8 Dec 2023 16:22:07 -0500 Subject: [PATCH 2/2] Simplify code --- lib/recognizer/bigcommerce.ex | 18 +++++++++--------- lib/recognizer_web/authentication.ex | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/recognizer/bigcommerce.ex b/lib/recognizer/bigcommerce.ex index ff35473..2b9f40c 100644 --- a/lib/recognizer/bigcommerce.ex +++ b/lib/recognizer/bigcommerce.ex @@ -26,7 +26,15 @@ defmodule Recognizer.BigCommerce do end end - def generate_login_jwt(user) do + def login_redirect_uri(user) do + config(:login_uri) <> generate_login_jwt(user) + end + + def logout_redirect_uri() do + config(:logout_uri) + end + + defp generate_login_jwt(user) do {:ok, token, _claims} = user |> Recognizer.Repo.preload(:bigcommerce_user) @@ -36,14 +44,6 @@ defmodule Recognizer.BigCommerce do token end - def login_redirect_uri(jwt) do - config(:login_uri) <> jwt - end - - def logout_redirect_uri() do - config(:logout_uri) - end - defp jwt_claims(user) do %{ "aud" => "BigCommerce", diff --git a/lib/recognizer_web/authentication.ex b/lib/recognizer_web/authentication.ex index 2cb9e4a..791e61a 100644 --- a/lib/recognizer_web/authentication.ex +++ b/lib/recognizer_web/authentication.ex @@ -85,7 +85,7 @@ defmodule RecognizerWeb.Authentication do def login_redirect(conn, user) do cond do get_session(conn, :bc) -> - [external: user |> BigCommerce.generate_login_jwt() |> BigCommerce.login_redirect_uri()] + [external: BigCommerce.login_redirect_uri(user)] get_session(conn, :user_return_to) -> [to: get_session(conn, :user_return_to)]
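Review bot: `login_redirect_uri/1` keeps its name and arity but now expects a user instead of a JWT string, so any caller not updated in this series still compiles and only fails at runtime inside the `Recognizer.Repo.preload(:bigcommerce_user)` call. Matching on the user struct in the function head, or at least adding a `@doc` that states the argument, would make misuse fail fast. The doc should also say that the returned URI embeds a freshly signed login token, so it should go only into the redirect and never into logs or flash messages. The body of `generate_login_jwt/1` continues outside the hunk.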