auth.clj
(ns ideas.routes.auth
(:use compojure.core)
(:require [noir.session :as session]
[noir.response :as resp]
[noir.validation :as vali]
[noir.util.crypt :as crypt]
[ideas.models.db :as db]
[ideas.views.layout :as layout]
[ideas.routes.helper.request :refer [filter-req is-auth! is-anon!]]))
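(defn valid?
  "Registers the validation rules for a registration attempt and reports
  whether all of them passed.

  The rules are evaluated one after another without short-circuiting, so
  each failing field gets its own message under :username, :email, :pass
  or :pass1. Returns true only when none of those fields has an error."
  [username email pass pass1]
  (vali/rule (vali/has-value? username)
             [:username "you must specify a username"])
  (vali/rule (vali/has-value? email)
             [:email "you must specify a email"])
  ;; NOTE(review): the two uniqueness checks below are a check-then-insert
  ;; and are not atomic with db/create-user; presumably the database also
  ;; enforces uniqueness -- confirm. Their distinct messages also tell an
  ;; anonymous caller whether a username or email is registered; confirm
  ;; that disclosure is acceptable for this application.
  (vali/rule (not (db/find-user-by-username username))
             [:username "this username is already taken"])
  ;; This rule fires for a malformed address, so the message says so; the
  ;; missing-value case is already reported by the has-value? rule above.
  (vali/rule (vali/is-email? email)
             [:email "you must specify a valid email"])
  (vali/rule (not (db/find-user-by-email email))
             [:email "this email is already taken"])
  ;; NOTE(review): a 5-character minimum is below the 8-character floor
  ;; recommended by NIST SP 800-63B; raising it also means updating the
  ;; message text.
  (vali/rule (vali/min-length? pass 5)
             [:pass "password must be at least 5 characters"])
  (vali/rule (= pass pass1)
             [:pass1 "entered passwords do not match"])
  (not (vali/errors? :username :email :pass :pass1)))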
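(defn- authenticate
  ; REFACTOR move this later (to models prolly)
  "Returns the user associated with the username/password combination, or
  nil when the user is unknown, the password does not match, or the
  submitted password or the stored hash is missing."
  [username password]
  ;; NOTE(review): no hash comparison happens for an unknown username, so
  ;; the two failure paths may differ measurably in response time; confirm
  ;; whether that matters for this deployment.
  (when-let [user (db/find-user-by-username username)]
    ;; Guard the comparison: a login POST without `pass` binds nil here, and
    ;; crypt/compare (not shown in this file) presumably throws on a nil
    ;; argument, which would surface as a server error instead of a failed
    ;; login.
    (when (and password
               (:pass user)
               (crypt/compare password (:pass user)))
      user)))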
(defn handle-login
  "Attempts to log in with the given credentials.

  On success stores the user's :id under :user-id in the session and
  flashes a notice; on failure flashes an error. The error text is the same
  for an unknown username and a wrong password. Always answers with a
  redirect to the root path."
  [username pass]
  (let [user (authenticate username pass)]
    (if user
      (do
        ;; NOTE(review): the existing session is reused after
        ;; authentication; confirm the session middleware issues a fresh
        ;; session id at login so a pre-login id is not carried over.
        (session/put! :user-id (:id user))
        (session/flash-put! :notice "Logged in successfully!"))
      (session/flash-put! :error "User not found!"))
    (resp/redirect "/")))
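(defn register
  "Renders the registration form, passing the first validation error (if
  any) recorded for each form field to the template."
  []
  (layout/render
    "auth/registration.html"
    {:username-error (vali/on-error :username first)
     ;; valid? records errors under :email as well; without this key a
     ;; rejected email address was never reported back to the form.
     ;; NOTE(review): the template must reference email-error for the
     ;; message to be displayed -- confirm.
     :email-error    (vali/on-error :email first)
     :pass-error     (vali/on-error :pass first)
     :pass1-error    (vali/on-error :pass1 first)}))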
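(defn handle-registration
  "Creates a new account from the submitted registration form.

  When validation passes, the password is passed through crypt/encrypt
  before the user is stored, the new user's :id is placed in the session
  under :user-id, and the response redirects to /profile. When validation
  fails or user creation throws, an error is flashed and the registration
  form is rendered again."
  [username email pass pass1]
  (if (valid? username email pass pass1)
    (try
      (let [user (db/create-user {:username username
                                  :email    email
                                  :pass     (crypt/encrypt pass)})]
        ;; NOTE(review): the pre-registration session is reused once the
        ;; user is signed in; confirm the session middleware rotates the
        ;; session id at this point.
        (session/put! :user-id (:id user))
        (session/flash-put! :notice "Welcome on ideas!")
        (resp/redirect "/profile"))
      (catch Exception _ex
        ;; Record a fixed message instead of the raw exception text: a
        ;; failure here most likely comes from the database layer, and its
        ;; message should not be exposed through the validation errors.
        ;; NOTE(review): the exception itself is not logged anywhere in
        ;; this file; add server-side logging where a logger is available.
        (vali/rule false [:id "registration failed, please try again"])
        ;; Mirror the validation-failure branch so the user gets feedback.
        (session/flash-put! :error "Registration failed, please try again")
        (register)))
    (do
      (session/flash-put! :error "Invalid user")
      (register))))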
(defn profile
  "Renders the profile page for the user whose id is stored in the session
  under :user-id. Returns nil when db/find-user yields no user for that id."
  []
  (when-let [user (db/find-user (session/get :user-id))]
    (layout/render "auth/profile.html" {:user user})))
(defn update-profile
  "Updates first name, last name and email of the logged-in user, then
  renders the profile page. Redirects to the root path when the session
  holds no :user-id.

  Only the three destructured keys are read from the params map; any other
  submitted parameter is ignored."
  [{:keys [first-name last-name email]}]
  (let [user-id (session/get :user-id)]
    (if (nil? user-id)
      (resp/redirect "/")
      (do
        ;; NOTE(review): unlike registration (see valid?), the new email is
        ;; neither format-checked nor checked for uniqueness before being
        ;; handed to db/update-user; confirm the model layer enforces both.
        (db/update-user user-id first-name last-name email)
        (profile)))))
(defn logout
  "Clears the session via session/clear! and redirects to the root path."
  []
  (do
    (session/clear!)
    (resp/redirect "/")))
;; Routes for login, registration, profile and logout.
;;
;; Every handler is wrapped in is-anon! or is-auth! (imported from
;; ideas.routes.helper.request, not shown here); presumably they run the
;; handler only for anonymous or authenticated sessions respectively --
;; confirm against that namespace.
;;
;; NOTE(review): no anti-forgery check is visible on the POST routes in this
;; file, and logout is a state-changing GET; confirm CSRF protection is
;; applied by middleware elsewhere.
(defroutes auth-routes
  (POST "/login" [username pass]
    (is-anon! (fn [] (handle-login username pass))))

  (GET "/register" []
    (is-anon! register))

  (POST "/register" [username email pass pass1]
    (is-anon! (fn [] (handle-registration username email pass pass1))))

  (GET "/profile" []
    (is-auth! profile))

  (POST "/update-profile" {params :params}
    (is-auth! (fn [] (update-profile params))))

  (GET "/logout" []
    (is-auth! logout)))