mirror of
https://github.com/fergalmoran/malarkey.git
synced 2025-12-22 09:48:46 +00:00
27 lines
795 B
Elixir
27 lines
795 B
Elixir
defmodule MalarkeyWeb.UserSessionController do
|
|
use MalarkeyWeb, :controller
|
|
|
|
alias Malarkey.Accounts
|
|
alias MalarkeyWeb.UserAuth
|
|
|
|
def create(conn, %{"user" => user_params}) do
|
|
%{"email" => email, "password" => password} = user_params
|
|
|
|
if user = Accounts.get_user_by_email_and_password(email, password) do
|
|
UserAuth.log_in_user(conn, user, user_params)
|
|
else
|
|
# In order to prevent user enumeration attacks, don't disclose whether the email is registered.
|
|
conn
|
|
|> put_flash(:error, "Invalid email or password")
|
|
|> put_flash(:email, String.slice(email, 0, 160))
|
|
|> redirect(to: ~p"/users/log_in")
|
|
end
|
|
end
|
|
|
|
def delete(conn, _params) do
|
|
conn
|
|
|> put_flash(:info, "Logged out successfully.")
|
|
|> UserAuth.log_out_user()
|
|
end
|
|
end
|