Merge 509f4e8 into 2b64cd0

karabiner-inc · Jan 18, 2019 · 1f62c1e · 1f62c1e
2 parents 2b64cd0 + 509f4e8
commit 1f62c1e
Show file tree

Hide file tree

Showing 33 changed files with 1,275 additions and 257 deletions.
diff --git a/1} b/1}
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # Materia
 
-[![hex.pm](https://img.shields.io/apm/l/materia.svg)](https://github.com/karabiner-inc/materia)
+[![hex.pm](https://img.shields.io/hexpm/l/materia.svg)](https://github.com/karabiner-inc/materia)
 [![Coverage Status](https://coveralls.io/repos/github/karabiner-inc/materia/badge.svg?branch=master)](https://coveralls.io/github/karabiner-inc/materia?branch=master)
 
 To start your Phoenix server:
@@ -45,10 +45,21 @@ config/config.exs
 
 ```
 # Configures Guardian
+# Configures Materia.Authenticator common settings
 config :materia, Materia.Authenticator,
-  issuer: "your_app_name",  #<- mod your app name
-  # Generate mix task 
-  # > mix phx.gen.secret
+  access_token_ttl: {10, :minutes}, #必須
+  refresh_token_ttl: {1, :days}, # refresh_tokenを定義しない場合sign-inはaccess_tokenのみ返す
+  user_registration_token_ttl: {35, :minutes},
+  password_reset_token_ttl: {35, :minutes}
+
+# Configures UserAuthenticator (if you wont user user authenticator)
+config :materia, Materia.UserAuthenticator,
+  issuer: "your_app_name",
+  secret_key: "your secusecret token"
+
+# Configures AccountAuthenticator  (if you wont user account authenticator)
+config :materia, Materia.AccountAuthenticator,
+  issuer: "your_app_name",
   secret_key: "your secusecret token"
 
 # Configures GuardianDB
@@ -127,7 +138,7 @@ lib/your_app_web/router.ex
 
 ```
   pipeline :guardian_auth do
-    plug Materia.AuthenticatePipeline #<-- guardian jwt token authentication by user model.
+    plug Materia.UserAuthePipeline #<-- guardian jwt token authentication by user model. you can use AccountAuthPiplein if you wont account authentication 
   end
   pipeline :grant_check do
     plug Materia.Plug.GrantChecker, repo: YourApp.Repo #<-- Grant check by user ,role and grant model.

diff --git a/RequestSample_accounts.http b/RequestSample_accounts.http
@@ -6,17 +6,26 @@
 @url = http://localhost:4001
 #@url = https://
 
-###ログイン
+###ログイン(ユーザー認証)
 POST {{url}}/api/sign-in HTTP/1.1
 Content-Type: application/json
 
 {
+    "email": "fugafuga@example.com", 
+    "password": "fugafuga"
+  }
+
+###ログイン(アカウント＋ユーザー認証)
+POST {{url}}/api/sign-in HTTP/1.1
+Content-Type: application/json
+
+{
+    "account": "hogehoge account",
     "email": "hogehoge@example.com", 
     "password": "hogehoge"
   }
 
-@token = Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJNYXRlcmlhIiwiZW1haWwiOiJob2dlaG9nZUBleGFtcGxlLmNvbSIsImV4cCI6MTU0NTgxMTc4OSwiaWF0IjoxNTQ1ODExMTg5LCJpc3MiOiJNYXRlcmlhIiwianRpIjoiMWEzYmM0ZGMtZWJmYS00MWUyLWJiNjctNDYxMTJmMzU4Njc2IiwibmJmIjoxNTQ1ODExMTg4LCJzdWIiOiJ7XCJ1c2VyX2lkXCI6MX0iLCJ0eXAiOiJhY2Nlc3MifQ.taF2To9CACyPMyZcmDjCi82VKmhA-fq8QApVhfiA8DY
-
+@token = Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJNYXRlcmlhIiwiZW1haWwiOiJmdWdhZnVnYUBleGFtcGxlLmNvbSIsImV4cCI6MTU0NzExNTc0MiwiaWF0IjoxNTQ3MTE1MTQyLCJpc3MiOiJNYXRlcmlhIiwianRpIjoiZDdlNTY1N2MtYmJmYi00ZWVlLTgyOWMtNTMzMWQ3YzYxNGJmIiwibmJmIjoxNTQ3MTE1MTQxLCJzdWIiOiJ7XCJ1c2VyX2lkXCI6Mn0iLCJ0eXAiOiJhY2Nlc3MifQ.BRWP0jtVN47tCg94ssfQJ6WLldP_FHgjoz7r4HSIM4U
 
 ### ユーザー汎用検索
 POST {{url}}/api/search-users HTTP/1.1

diff --git a/RequestSample_authenticator.http b/RequestSample_authenticator.http
@@ -16,7 +16,7 @@ Content-Type: application/json
   }
 
 ###仮トークン認証
-@tmp_token = Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJNYXRlcmlhIiwiZW1haWwiOiJ0Y3IueW9zaGltdXJhQGthcmFiaW5lci50ZWNoIiwiZXhwIjoxNTQzOTc1OTM1LCJpYXQiOjE1NDM5NzM4MzUsImlzcyI6Ik1hdGVyaWEiLCJqdGkiOiJjZDcyMDczMi01MmM0LTQyZGEtODYzNC01ODEyMGZjMzc4NDMiLCJuYmYiOjE1NDM5NzM4MzQsInN1YiI6IjMiLCJ0eXAiOiJ1c2VyX3JlZ2lzdHJhdGlvbiJ9.oktmhWQAp9dS9hZlzB0ZXdeG34trEbT3xXfiZf_yBZg
+@tmp_token = Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJNYXRlcmlhIiwiZW1haWwiOiJ0Y3IueW9zaGltdXJhQGthcmFiaW5lci50ZWNoIiwiZXhwIjoxNTQ3MTE3MjgwLCJpYXQiOjE1NDcxMTUxODAsImlzcyI6Ik1hdGVyaWEiLCJqdGkiOiI5Zjg4NDA3Ni1iNGRlLTQ5ZGUtYTdjMi0xYjg5YTVmNzkyNmEiLCJuYmYiOjE1NDcxMTUxNzksInN1YiI6IntcInVzZXJfaWRcIjozfSIsInR5cCI6InVzZXJfcmVnaXN0cmF0aW9uIn0.HH-40L3Cv5wtKca5EveuG_xMJF0EqChgRuJhzNULkVk
 
 GET {{url}}/api/varidation-tmp-user HTTP/1.1
 Content-Type: application/json
@@ -45,14 +45,13 @@ Authorization: {{tmp_token}}
 ###パスワード再登録申請
 POST {{url}}/api/request-password-reset HTTP/1.1
 Content-Type: application/json
-Authorization: {{tmp_token}}
 
  {
     "email": "tcr.yoshimura@karabiner.tech"
   }
 
 ### PWリセットトークン認証
-@pw_reset_token = Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJNYXRlcmlhIiwiZW1haWwiOiJ0Y3IueW9zaGltdXJhQGthcmFiaW5lci50ZWNoIiwiZXhwIjoxNTQzOTc1OTkyLCJpYXQiOjE1NDM5NzM4OTIsImlzcyI6Ik1hdGVyaWEiLCJqdGkiOiIxZGM3MjQwNi1iZjM0LTRhYjItYTA2NC1hZTFmMjdjYmI1YWMiLCJuYmYiOjE1NDM5NzM4OTEsInN1YiI6IjMiLCJ0eXAiOiJwYXNzd29yZF9yZXNldCJ9.fER3oonKbywoW8NcelqNnpZs8yain7LFcjdqK1jQi7M
+@pw_reset_token = Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJNYXRlcmlhIiwiZW1haWwiOiJ0Y3IueW9zaGltdXJhQGthcmFiaW5lci50ZWNoIiwiZXhwIjoxNTQ3MTE3MzgwLCJpYXQiOjE1NDcxMTUyODAsImlzcyI6Ik1hdGVyaWEiLCJqdGkiOiJmZjYwY2M1Mi1hZDJhLTQ3N2QtODRhNi1hZTA2MTk1MjU4MzUiLCJuYmYiOjE1NDcxMTUyNzksInN1YiI6IntcInVzZXJfaWRcIjozfSIsInR5cCI6InBhc3N3b3JkX3Jlc2V0In0.JuwU6cmX_W_cPomoQfqDC0apyxMV_vyv8XYyTCy63hY
 
 GET {{url}}/api/varidation-pw-reset HTTP/1.1
 Content-Type: application/json
@@ -114,7 +113,7 @@ Content-Type: application/json
     "password": "fugafuga"
   }
 
-@token = Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJTZXJ2aWNleCIsImVtYWlsIjoiaG9nZWhvZ2VAZXhhbXBsZS5jb20iLCJleHAiOjE1NDA4MDUwMjcsImlhdCI6MTU0MDgwNDQyNywiaXNzIjoiU2VydmljZXgiLCJqdGkiOiIyMWM4MmNkMy01ZmRjLTRkYzItYjE4MS1kZWY4OTNhZmI4YmEiLCJuYmYiOjE1NDA4MDQ0MjYsInN1YiI6IjEiLCJ0eXAiOiJhY2Nlc3MifQ.H6sMFoAb5FW27MguIdfqEgC6yMBGLeNeehsEjutKulBL0PMlFBIXruPaCa-Nf_9sXI4Cd-KSmsTsQR5yEL7stA
+@token = Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJNYXRlcmlhIiwiZW1haWwiOiJmdWdhZnVnYUBleGFtcGxlLmNvbSIsImV4cCI6MTU0NzExNjAxMywiaWF0IjoxNTQ3MTE1NDEzLCJpc3MiOiJNYXRlcmlhIiwianRpIjoiYmJkMzhhZDItNzkzNy00NzQyLWE1YTAtODNiYWYxNzc4YzNkIiwibmJmIjoxNTQ3MTE1NDEyLCJzdWIiOiJ7XCJ1c2VyX2lkXCI6Mn0iLCJ0eXAiOiJhY2Nlc3MifQ.U50hzVYNyv5u4Z2FixJ23zTdMc5Z6Qoy229c5ylXGMw
 
 ###認証チェック
 
@@ -128,7 +127,7 @@ POST {{url}}/api/refresh HTTP/1.1
 Content-Type: application/json
 
 {
-  "refresh_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJTZXJ2aWNleCIsImVtYWlsIjoiaG9nZWhvZ2VAZXhhbXBsZS5jb20iLCJleHAiOjE1NDA4MDUwMjcsImlhdCI6MTU0MDgwNDQyNywiaXNzIjoiU2VydmljZXgiLCJqdGkiOiIyMWM4MmNkMy01ZmRjLTRkYzItYjE4MS1kZWY4OTNhZmI4YmEiLCJuYmYiOjE1NDA4MDQ0MjYsInN1YiI6IjEiLCJ0eXAiOiJhY2Nlc3MifQ.H6sMFoAb5FW27MguIdfqEgC6yMBGLeNeehsEjutKulBL0PMlFBIXruPaCa-Nf_9sXI4Cd-KSmsTsQR5yEL7stA"
+  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJNYXRlcmlhIiwiZW1haWwiOiJmdWdhZnVnYUBleGFtcGxlLmNvbSIsImV4cCI6MTU0NzIwMzM3OCwiaWF0IjoxNTQ3MTE2OTc4LCJpc3MiOiJNYXRlcmlhIiwianRpIjoiN2ZmZWM4ZWItYjgzZS00ZWFjLWFmOTktN2Q4MzFjM2RlMjU0IiwibmJmIjoxNTQ3MTE2OTc3LCJzdWIiOiJ7XCJ1c2VyX2lkXCI6Mn0iLCJ0eXAiOiJyZWZyZXNoIn0.lYNVP4I7xtWX842AeRIYY8vf324ItS7i3HiT_6cyp3Q"
 }
 
 

diff --git a/config/config.exs b/config/config.exs
@@ -22,13 +22,22 @@ config :logger, :console,
   format: "$time $metadata[$level] $message\n",
   metadata: [:user_id]
 
-# Configures Guardian
+# Configures Materia.Authenticator
 config :materia, Materia.Authenticator,
-  issuer: "Materia",
   access_token_ttl: {10, :minutes}, #必須
   refresh_token_ttl: {1, :days}, # refresh_tokenを定義しない場合sign-inはaccess_tokenのみ返す
   user_registration_token_ttl: {35, :minutes},
-  password_reset_token_ttl: {35, :minutes},
+  password_reset_token_ttl: {35, :minutes}
+
+# Configures Guardian
+config :materia, Materia.UserAuthenticator,
+  issuer: "Materia",
+  secret_key: "VlY6rTO8s+oM6/l4tPY0mmpKubd1zLEDSKxOjHA4r90ifZzCOYVY5IBEhdicZStw",
+  allowed_algos: ["HS256"]
+
+# Configures Guardian
+config :materia, Materia.AccountAuthenticator,
+  issuer: "Materia",
   secret_key: "VlY6rTO8s+oM6/l4tPY0mmpKubd1zLEDSKxOjHA4r90ifZzCOYVY5IBEhdicZStw",
   allowed_algos: ["HS256"]
 

diff --git a/lib/materia/accounts/account.ex b/lib/materia/accounts/account.ex
@@ -0,0 +1,45 @@
+defmodule Materia.Accounts.Account do
+  use Ecto.Schema
+  import Ecto.Changeset
+
+
+  schema "accounts" do
+    field :external_code, :string
+    field :name, :string
+    field :start_datetime, :utc_datetime
+    field :frozen_datetime, :utc_datetime
+    field :expired_datetime, :utc_datetime
+    field :descriptions, :string
+    field :status, :integer, default: 1
+    field :lock_version, :integer, default: 0
+    belongs_to :organization ,Materia.Organizations.Organization
+    belongs_to :main_user ,Materia.Accounts.User, [foreign_key: :main_user_id]
+
+    timestamps()
+  end
+
+  @doc false
+  def create_changeset(account, attrs) do
+    account
+    |> cast(attrs, [:external_code, :name, :start_datetime, :descriptions, :frozen_datetime, :expired_datetime,:status, :organization_id, :main_user_id, :lock_version])
+    |> validate_required([:external_code, :start_datetime])
+    |> unique_constraint(:code)
+  end
+
+  @doc false
+  def update_changeset(account, attrs) do
+    account
+    |> cast(attrs, [:external_code, :name, :start_datetime, :descriptions, :frozen_datetime, :expired_datetime, :status, :organization_id, :main_user_id, :lock_version])
+    |> validate_required([:lock_version])
+    |> unique_constraint(:code)
+    |> optimistic_lock(:lock_version)
+  end
+
+  def status() do
+    %{
+      activated: 1, # アカウント有効
+      frozen: 8, # アカウント凍結中
+      expired: 9, #アカウント無効
+    }
+  end
+end