bobbby.online
blonk is a radar for your web, where you follow vibes for cool blips on the radar
1defmodule ElixirBlonkWeb.UserConfirmationController do
2 use ElixirBlonkWeb, :controller
3
4 alias ElixirBlonk.Accounts
5
6 def new(conn, _params) do
7 render(conn, :new)
8 end
9
10 def create(conn, %{"user" => %{"email" => email}}) do
11 if user = Accounts.get_user_by_email(email) do
12 Accounts.deliver_user_confirmation_instructions(
13 user,
14 &url(~p"/users/confirm/#{&1}")
15 )
16 end
17
18 conn
19 |> put_flash(
20 :info,
21 "If your email is in our system and it has not been confirmed yet, " <>
22 "you will receive an email with instructions shortly."
23 )
24 |> redirect(to: ~p"/")
25 end
26
27 def edit(conn, %{"token" => token}) do
28 render(conn, :edit, token: token)
29 end
30
31 # Do not log in the user after confirmation to avoid a
32 # leaked token giving the user access to the account.
33 def update(conn, %{"token" => token}) do
34 case Accounts.confirm_user(token) do
35 {:ok, _} ->
36 conn
37 |> put_flash(:info, "User confirmed successfully.")
38 |> redirect(to: ~p"/")
39
40 :error ->
41 # If there is a current user and the account was already confirmed,
42 # then odds are that the confirmation link was already visited, either
43 # by some automation or by the user themselves, so we redirect without
44 # a warning message.
45 case conn.assigns do
46 %{current_user: %{confirmed_at: confirmed_at}} when not is_nil(confirmed_at) ->
47 redirect(conn, to: ~p"/")
48
49 %{} ->
50 conn
51 |> put_flash(:error, "User confirmation link is invalid or it has expired.")
52 |> redirect(to: ~p"/")
53 end
54 end
55 end
56end