Allow the eWallet to work without integration #401
Conversation
ghost
added
the
unnawut
force-pushed
the
357-standalone-ewallet
branch
from
3b0a7b6
to
77944b7
Compare
|
Remaining:
|
| Crypto.fake_verify() | ||
| handle_fail_auth(conn, :invalid_login_credentials) | ||
|
|
||
| :user_not_admin -> |
There was a problem hiding this comment.
Any difference between this case and the one above? Can't we juse use:
_ ->
Crypto.fake_verify()
handle_fail_auth(conn, :invalid_login_credentials)
There was a problem hiding this comment.
You're right. Midway it was a bit different but not anymore. Updating.
|
|
||
| error -> | ||
| handle_error(conn, error) | ||
| {:error, code} when is_atom(code) -> |
| @@ -257,7 +257,7 @@ defmodule AdminAPI.V1.AdminAuth.AccountMembershipControllerTest do | |||
| assert response["data"]["code"] == "client:invalid_parameter" | |||
|
|
|||
| assert response["data"]["description"] == | |||
| "The `redirect_url` is not allowed to be used. Got: '#{redirect_url}'." | |||
| "The given `redirect_url` is not allowed to be used. Got: '#{redirect_url}'." | |||
There was a problem hiding this comment.
Can we change this error to -> "The given redirect_url is not allowed. Got: '#{redirect_url}'." ?
| @@ -7,6 +7,7 @@ defmodule EWallet.Application do | |||
|
|
|||
| def start(_type, _args) do | |||
| import Supervisor.Spec | |||
| DeferredConfig.populate(:ewallet) | |||
| defp html(link) do | ||
| """ | ||
| <p> | ||
| <strong>Click the link to complete the email verification: </strong> |
There was a problem hiding this comment.
to complete the email verification process
| {:error, error} -> | ||
| case Map.get(ErrorHandler.errors(), error) do | ||
| %{description: description} -> | ||
| text(conn, "Unable to verify your email address. " <> description) |
There was a problem hiding this comment.
We were unable to verify your email address. Error description: .
| text(conn, "Unable to verify your email address. " <> description) | ||
|
|
||
| nil -> | ||
| text(conn, "Unable to verify your email address. An unknown error occured.") |
There was a problem hiding this comment.
We were unable to verify your email address.
| Renders the page to show when email verification is successful. | ||
| """ | ||
| def success(conn, _attrs) do | ||
| text(conn, "Your email address is successfully verified!") |
There was a problem hiding this comment.
Your email address has been successfully verified!
| @@ -259,14 +259,30 @@ defmodule EWalletDB.Account do | |||
| @doc """ | |||
| Get the master account for the current wallet setup. | |||
| """ | |||
| @spec get_preloaded_primary_wallet(keyword()) :: %Account{} | nil | |||
| @spec get_master_account(keyword()) :: %Account{} | nil | |||
|
|
||
| case User.update_without_password(invite.user, %{invite_uuid: nil}) do | ||
| {:ok, _user} -> | ||
| Repo.delete(invite) |
There was a problem hiding this comment.
Do we actually delete invites or is it soft-delete? Can't we just set them to used or something and keep them?
There was a problem hiding this comment.
It’s hard delete right now. To do soft delete, I'll do this:
- Disassociate the invite from the user (
user.invite_uuid) after verification. Souser.invite_uuid == nil. - Add a new
invite.user_uuidcolumn to keep the user->invite trace after the disassociation fromuser.invite_uuid. - Add a new
invite.verified_atcolumn so it’s easy to see if and when the invite was used.
|
Updated with @T-Dnzt 's comments as well as @mederic-p 's suggestion to auto-include |
unnawut
added
flag/needs upgrade path 🛠️
Closes #357.
Overview
This PR allows an eWallet provider to setup and uses the eWallet without having to implement or integrate into their own solutions.
Changes
Email configs
AdminAPItoEWalletapp (to share withEWalletAPI).AdminAPI.InviterintoEWallet.Web.Inviterso that it accepts the email template as a parameter. So AdminAPI and EWalletAPI can send the confirmation email with different template/messages.Authentication
AdminAPI.V1.AdminUserAuthenticatorto reject authentication of non-admin usersEWalletAPI.V1.EndUserAuthenticatorto authenticate a user with email and passwordError handling
:invalid_login_credentials,:invalid_email,:invite_not_found,:passwords_mismatchfromAdminAPI.V1.ErrorHandlertoEWallet.V1.ErrorHandlerSignup flow
/api/client/user.signupto support user signup with an email through the newEWalletAPI.V1.SignupController.signup/2/api/client.user.verify_emailto support user email verification through the newEWalletAPI.V1.SignupController.verify_email/2/api/client/user.loginto support user login with email/password through the newEWalletAPI.V1.AuthController.login/2Supporting signup flow
EWalletAPI.VerificationEmailtemplate, separated fromAdminAPI.InviteEmailEWallet.Web.V1.UserAuthTokenSerializer.serialize/1to return user along with the authentication token:invite_uuidtoUser.update_changeset/2so that invites can be removed after verificationEWalletDB.User.has_membership?/1to also handle user's UUID as the parameter.EWalletDB.User.admin?/1Docs
/user.login,/user.signup,/user.verify_emaildocs/design.users.mdto explain different user types and the checker functionsEWalletDB.UserfunctionsImplementation Details
Since this functionality can be built on the existing invitation system for admins (and admins are also users), most of the changes are for reusing the existing code.
Usage
Try sign up with
/api/client/user.signupfollowed by/api/client.user/verify_email, then/api/client/user.login.Example curl for /user.sign_up
Example curl for /user.verify_email
Example curl for /user.login
Impact
mix ecto.migrateto migrate the databaseENABLE_STANDALONE=trueto enable standaloneREDIRECT_URL_PREFIXESas a comma-separated string to allow redirect URLs that are external to the eWallet. If a redirect URL is already prefixed withBASE_URL, it does not need to be added here.