end

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2018-01-09 17:52:26 +01:00
parent 8ac705d8c2
commit 92d2045735
97 changed files with 18243 additions and 1544 deletions
--- a/lib/eventos/accounts/account.ex
+++ b/lib/eventos/accounts/account.ex
@@ -4,21 +4,20 @@ defmodule Eventos.Accounts.Account do
  alias Eventos.Accounts.{Account, GroupAccount, GroupRequest, Group, User}
  alias Eventos.Events.Event

-
  schema "accounts" do
+    field :username, :string
    field :description, :string
    field :display_name, :string
-    field :domain, :string
+    field :domain, :string, default: nil
    field :private_key, :string
    field :public_key, :string
    field :suspended, :boolean, default: false
    field :uri, :string
    field :url, :string
-    field :username, :string
    has_many :organized_events, Event
    many_to_many :groups, Group, join_through: GroupAccount
    has_many :group_request, GroupRequest
-    has_one :user_id, User
+    has_one :user, User

    timestamps()
  end
@@ -27,6 +26,7 @@ defmodule Eventos.Accounts.Account do
  def changeset(%Account{} = account, attrs) do
    account
    |> cast(attrs, [:username, :domain, :display_name, :description, :private_key, :public_key, :suspended, :uri, :url])
-    |> validate_required([:username, :domain, :display_name, :description, :private_key, :public_key, :suspended, :uri, :url])
+    |> validate_required([:username, :display_name, :description, :private_key, :public_key, :suspended])
+    |> unique_constraint(:username, name: :accounts_username_domain_index)
  end
 end
--- a/lib/eventos/accounts/user.ex
+++ b/lib/eventos/accounts/user.ex
@@ -1,16 +1,17 @@
 defmodule Eventos.Accounts.User do
  use Ecto.Schema
  import Ecto.Changeset
-  alias Eventos.Accounts.{User}
+  alias Eventos.Accounts.{Account, User}
+  alias Eventos.Repo

+  import Logger

  schema "users" do
    field :email, :string
    field :role, :integer, default: 0
    field :password, :string, virtual: true
    field :password_hash, :string
-    field :account_id, :integer
-
+    belongs_to :account, Account
    timestamps()
  end

@@ -18,7 +19,7 @@ defmodule Eventos.Accounts.User do
  @doc false
  def changeset(%User{} = user, attrs) do
    user
-    |> cast(attrs, [:email, :password_hash, :role])
+    |> cast(attrs, [:email, :password_hash])
    |> validate_required([:email])
    |> unique_constraint(:email)
    |> validate_format(:email, ~r/@/)
--- a/lib/eventos_web/controllers/app_controller.ex
+++ b/lib/eventos_web/controllers/app_controller.ex
@@ -0,0 +1,9 @@
+defmodule EventosWeb.AppController do
+  use EventosWeb, :controller
+
+  plug :put_layout, false
+
+  def app(conn, _params) do
+    render conn, "index.html"
+  end
+end
--- a/lib/eventos_web/controllers/page_controller.ex
+++ b/lib/eventos_web/controllers/page_controller.ex
@@ -1,11 +1,8 @@
 defmodule EventosWeb.PageController do
  use EventosWeb, :controller
+  import Logger

  def index(conn, _params) do
    render conn, "index.html"
  end
-
-  def app(conn, _params) do
-    render conn, "index.html"
-  end
 end
--- a/lib/eventos_web/controllers/session_controller.ex
+++ b/lib/eventos_web/controllers/session_controller.ex
@@ -8,9 +8,12 @@ defmodule EventosWeb.SessionController do
      # Attempt to authenticate the user
      with {:ok, token, _claims} <- Accounts.authenticate(%{user: user, password: password}) do
        # Render the token
-        render conn, "token.json", token: token
+        user = Eventos.Repo.preload user, :account
+        render conn, "token.json", %{token: token, user: user}
      end
+      send_resp(conn, 400, "Bad login")
    end
+    send_resp(conn, 400, "No such user")
  end

  def sign_out(conn, _params) do
--- a/lib/eventos_web/controllers/user_controller.ex
+++ b/lib/eventos_web/controllers/user_controller.ex
@@ -1,5 +1,6 @@
 defmodule EventosWeb.UserController do
  use EventosWeb, :controller
+  import Logger

  alias Eventos.Accounts
  alias Eventos.Accounts.User
@@ -57,4 +58,34 @@ defmodule EventosWeb.UserController do
    |> put_flash(:info, "User deleted successfully.")
    |> redirect(to: user_path(conn, :index))
  end
+
+  def register(conn, %{"email" => email, "password" => password, "username" => username}) do
+
+    {:ok, {privkey, pubkey}} = RsaEx.generate_keypair("4096")
+    account_change = Ecto.Changeset.change(%Eventos.Accounts.Account{}, %{
+      username: username,
+      description: "tata",
+      display_name: "toto",
+      domain: nil,
+      private_key: privkey,
+      public_key: pubkey,
+      uri: "",
+      url: ""
+    })
+
+    user_change = Eventos.Accounts.User.registration_changeset(%Eventos.Accounts.User{}, %{
+      email: email,
+      password: password,
+      password_confirmation: password
+    })
+
+    account_with_user = Ecto.Changeset.put_assoc(account_change, :user, user_change)
+
+    Eventos.Repo.insert!(account_with_user)
+
+    user = Eventos.Accounts.find(email)
+    user = Eventos.Repo.preload user, :account
+
+    render conn, "user.json", %{user: user}
+  end
 end
--- a/lib/eventos_web/endpoint.ex
+++ b/lib/eventos_web/endpoint.ex
@@ -9,7 +9,7 @@ defmodule EventosWeb.Endpoint do
  # when deploying your static files in production.
  plug Plug.Static,
    at: "/", from: :eventos, gzip: false,
-    only: ~w(css fonts images js favicon.ico robots.txt)
+    only: ~w(css fonts images js favicon.ico robots.txt index.html)

  # Code reloading can be explicitly enabled under the
  # :code_reloader configuration of your endpoint.
@@ -19,6 +19,7 @@ defmodule EventosWeb.Endpoint do
    plug Phoenix.CodeReloader
  end

+  plug CORSPlug
  plug Plug.RequestId
  plug Plug.Logger

--- a/lib/eventos_web/router.ex
+++ b/lib/eventos_web/router.ex
@@ -9,18 +9,26 @@ defmodule EventosWeb.Router do
    plug EventosWeb.AuthPipeline
  end

-  scope "/api" do
+  pipeline :browser do
+    plug :accepts, ["html"]
+    plug :fetch_session
+    plug :fetch_flash
+    plug :protect_from_forgery
+    plug :put_secure_browser_headers
+  end
+
+  scope "/api", EventosWeb do
    pipe_through :api

-    resources "/users", UserController, only: [:create]
-    post "/sign-in", EventosWeb.SessionController, :sign_in
+    post "/users", UserController, :register
+    post "/login", SessionController, :sign_in
+    resources "/groups", GroupController, only: [:index]
  end

  # Other scopes may use custom stacks.
  scope "/api", EventosWeb do
     pipe_through :api_auth

-
     post "/sign-out", SessionController, :sign_out
     resources "/users", UserController
     resources "/accounts", AccountController
@@ -29,8 +37,14 @@ defmodule EventosWeb.Router do
     resources "/tags", TagController
     resources "/event_accounts", EventAccountsController
     resources "/event_requests", EventRequestController
-     resources "/groups", GroupController
+     resources "/groups", GroupController, except: [:index]
     resources "/group_accounts", GroupAccountController
     resources "/group_requests", GroupRequestController
  end
+
+  scope "/", EventosWeb do
+    pipe_through :browser
+
+    get "/*path", AppController, :app
+  end
 end
--- a/lib/eventos_web/templates/app/index.html.eex
+++ b/lib/eventos_web/templates/app/index.html.eex
@@ -0,0 +1 @@
+<!DOCTYPE html><html><head><link href="https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Material+Icons" rel=stylesheet><script src="https://maps.googleapis.com/maps/api/js?key=AIzaSyBF37pw38j0giICt73TCAPNogc07Upe_Q4&libraries=places"></script><meta charset=utf-8><title>libre-event</title><link href=/css/app.c6f4f0637b07f4b32d59e43e26ada6c7.css rel=stylesheet></head><body><noscript>Mets du JS.</noscript><div id=app></div><script type=text/javascript src=/js/manifest.79c2975577a8222315fd.js></script><script type=text/javascript src=/js/vendor.94561603df84d1708ae1.js></script><script type=text/javascript src=/js/app.dc4c839388191b886181.js></script></body></html>
--- a/lib/eventos_web/views/account_view.ex
+++ b/lib/eventos_web/views/account_view.ex
@@ -1,3 +1,15 @@
 defmodule EventosWeb.AccountView do
  use EventosWeb, :view
+
+  def render("account.json", %{"account": account}) do
+    %{
+      username: account.username,
+      description: account.description,
+      display_name: account.display_name,
+      domain: account.domain,
+      suspended: account.suspended,
+      uri: account.uri,
+      url: account.url,
+    }
+  end
 end
--- a/lib/eventos_web/views/app_view.ex
+++ b/lib/eventos_web/views/app_view.ex
@@ -0,0 +1,3 @@
+defmodule EventosWeb.AppView do
+  use EventosWeb, :view
+end
--- a/lib/eventos_web/views/session_view.ex
+++ b/lib/eventos_web/views/session_view.ex
@@ -1,7 +1,7 @@
 defmodule EventosWeb.SessionView do
  use EventosWeb, :view

-  def render("token.json", %{token: token}) do
-    %{token: token}
+  def render("token.json", %{token: token, user: user}) do
+    %{token: token, user: render_one(user, EventosWeb.UserView, "user.json")}
  end
 end
--- a/lib/eventos_web/views/user_view.ex
+++ b/lib/eventos_web/views/user_view.ex
@@ -1,3 +1,11 @@
 defmodule EventosWeb.UserView do
  use EventosWeb, :view
+  import Logger
+
+  def render("user.json", %{"user": user}) do
+    %{
+      email: user.email,
+      account: render_one(user.account, EventosWeb.AccountView, "account.json"),
+    }
+  end
 end
				`@@ -0,0 +1 @@`
				<!DOCTYPE html><html><head><link href="https://fonts.googleapis.com/css?family=Roboto:300,400,500,700\|Material+Icons" rel=stylesheet><script src="https://maps.googleapis.com/maps/api/js?key=AIzaSyBF37pw38j0giICt73TCAPNogc07Upe_Q4&libraries=places"></script><meta charset=utf-8><title>libre-event</title><link href=/css/app.c6f4f0637b07f4b32d59e43e26ada6c7.css rel=stylesheet></head><body><noscript>Mets du JS.</noscript><div id=app></div><script type=text/javascript src=/js/manifest.79c2975577a8222315fd.js></script><script type=text/javascript src=/js/vendor.94561603df84d1708ae1.js></script><script type=text/javascript src=/js/app.dc4c839388191b886181.js></script></body></html>