feat: add basic admin mode
This commit is contained in:
parent
56730540b7
commit
339d075edd
14 changed files with 186 additions and 42 deletions
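--- a/.envrc
+++ b/.envrc
@@ -0,0 +1 @@
+export PASSWORD_HASH='$argon2id$v=19$m=65536,t=3,p=4$ctxMPSfgu5i28J0bjRl2yg$D7+qs+R7caAe5lw5m7s+k9M0t75R4XBhkwG1dv6MGOQ'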
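Review bot: Committing `.envrc` puts the admin credential hash under version control, so everyone with read access to the repository holds the material needed to guess the password offline, and every clone's dev shell silently uses this one value for `PASSWORD_HASH`. The argon2id parameters shown (m=65536, t=3, p=4) make guessing expensive, but the safer layout is to keep `.envrc` out of git (add it to `.gitignore` and commit a template such as `.envrc.example` with `export PASSWORD_HASH=<output of mix cms.gen.password_hash>`), and to generate the production hash separately. If the password behind this hash has ever been used for anything real, treat it as disclosed and rotate it.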
|
@ -20,6 +20,15 @@ if System.get_env("PHX_SERVER") do
|
|||
config :cms, CMSWeb.Endpoint, server: true
|
||||
end
|
||||
|
||||
config :cms,
|
||||
password_hash:
|
||||
System.get_env("PASSWORD_HASH") ||
|
||||
raise("""
|
||||
environment variable PASSWORD_HASH is missing.
|
||||
|
||||
Generate a hashed password using `mix cms.gen.password_hash`
|
||||
""")
|
||||
|
||||
if config_env() == :prod do
|
||||
database_url =
|
||||
System.get_env("DATABASE_URL") ||
|
||||
|
|
|
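Review bot: The `||` on `System.get_env("PASSWORD_HASH")` only catches an unset variable; a variable that is set but empty (`PASSWORD_HASH=`) passes through as `""` and is only exercised at sign-in time inside `Argon2.verify_pass/2`, where the failure is far less obvious than the raise here (how `verify_pass/2` treats a malformed hash is not visible on this page). A `case` with `hash when is_binary(hash) and hash != "" -> hash` and the existing `raise` in the fallback clause covers both. The block also sits before `if config_env() == :prod`, so `mix test` and CI need the variable as well; that may be intended given the committed `.envrc`, but a `:test`-only fallback would decouple the suite from the developer's shell.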
@ -1,17 +0,0 @@
|
|||
<div class="flex flex-row py-1 px-3 mb-2 border-b border-slate-100">
|
||||
admin mode
|
||||
</div>
|
||||
<div class="flex flex-col md:flex-row mx-auto max-w-3xl">
|
||||
<section class="flex flex-col p-2 gap-y-1 border-slate-100 border-b md:border-b-0">
|
||||
<.link navigate={~p"/"} class="font-bold hover:underline">sloanelybutsurely.com</.link>
|
||||
<nav>
|
||||
<ul>
|
||||
<li><.link navigate={~p"/writing"} class="hover:underline">writing</.link></li>
|
||||
<li><.link navigate={~p"/microblog"} class="hover:underline">microblog</.link></li>
|
||||
</ul>
|
||||
</nav>
|
||||
</section>
|
||||
<main class="p-2">
|
||||
{@inner_content}
|
||||
</main>
|
||||
</div>
|
|
@ -1,10 +1,26 @@
|
|||
<div class="flex flex-col md:flex-row mx-auto max-w-3xl">
|
||||
<div :if={@admin?} class="flex flex-row justify-between py-1 px-3 mb-2 border-b border-slate-100">
|
||||
<section class="flex flex-row gap-x-2">
|
||||
<div class="pr-2 border-r border-slate-100">
|
||||
<.link navigate={~p"/admin"} class="font-bold">admin mode</.link>
|
||||
</div>
|
||||
<nav>
|
||||
<ul class="flex flex-row">
|
||||
<.link href="#" class="hover:underline">new post</.link>
|
||||
</ul>
|
||||
</nav>
|
||||
</section>
|
||||
|
||||
<section class="flex flex-row">
|
||||
<.link href={~p"/admin/session"} method="delete" class="hover:underline">sign out</.link>
|
||||
</section>
|
||||
</div>
|
||||
<div class="flex flex-col md:flex-row mx-auto max-w-4xl">
|
||||
<section class="flex flex-col p-2 gap-y-1 border-slate-100 border-b md:border-b-0">
|
||||
<.link navigate={~p"/"} class="font-bold hover:underline">sloanelybutsurely.com</.link>
|
||||
<.link href={~p"/"} class="font-bold hover:underline">sloanelybutsurely.com</.link>
|
||||
<nav>
|
||||
<ul>
|
||||
<li><.link navigate={~p"/writing"} class="hover:underline">writing</.link></li>
|
||||
<li><.link navigate={~p"/microblog"} class="hover:underline">microblog</.link></li>
|
||||
<li><.link href={~p"/writing"} class="hover:underline">writing</.link></li>
|
||||
<li><.link href={~p"/microblog"} class="hover:underline">microblog</.link></li>
|
||||
</ul>
|
||||
</nav>
|
||||
</section>
|
||||
|
|
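Review bot: `:if={@admin?}` makes this layout raise `KeyError` wherever the `:admin?` assign is absent; in this commit it is set by `plug :admin_mode` in the `:browser` pipeline and by `AdminMode.on_mount/4`, so any render path that reaches this layout without passing through one of those (a LiveView outside the `:default` live_session, for instance) would fail — inferred, since the other layouts are not in view. Hiding the bar is presentation only; whether a visitor may reach `/admin` has to be decided in the router or the LiveView, not by this condition. The `new post` entry is a dead `href="#"` link shipped in the admin bar; wire it to its route or leave it out until one exists.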
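--- a/lib/cms_web/controllers/admin_auth.ex
+++ b/lib/cms_web/controllers/admin_auth.ex
@@ -0,0 +1,40 @@
+defmodule CMSWeb.AdminAuth do
+  @moduledoc false
+  use CMSWeb, :verified_routes
+
+  import Phoenix.Controller
+  import Plug.Conn
+
+  def log_in_admin(conn) do
+    conn
+    |> renew_session()
+    |> put_session(:admin?, true)
+    |> redirect(to: ~p"/")
+  end
+
+  def log_out_admin(conn) do
+    if live_socket_id = get_session(conn, :live_socket_id) do
+      CMSWeb.Endpoint.broadcast(live_socket_id, "disconnect", %{})
+    end
+
+    conn
+    |> renew_session()
+    |> redirect(to: ~p"/")
+  end
+
+  def correct_password?(password) do
+    password_hash = Application.fetch_env!(:cms, :password_hash)
+
+    Argon2.verify_pass(password, password_hash)
+  end
+
+  ## private
+
+  defp renew_session(conn) do
+    delete_csrf_token()
+
+    conn
+    |> configure_session(renew: true)
+    |> clear_session()
+  end
+end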
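Review bot: `log_out_admin/1` broadcasts `"disconnect"` to `get_session(conn, :live_socket_id)`, but `log_in_admin/1` never stores that key and nothing else in the commit does, so the branch is dead and an admin's already-connected LiveViews keep `admin?: true` until they happen to reconnect. Store an identifier at sign-in, e.g. `|> put_session(:live_socket_id, "admin_sessions:" <> Base.url_encode64(:crypto.strong_rand_bytes(16)))` (constructed example) — `live_socket_id` is the session key LiveView's socket reads for its id — so the broadcast reaches the right processes. `correct_password?/1` and the two session functions carry no `@doc`; `@moduledoc false` hides the module, but a line on `correct_password?/1` saying it reads `:cms, :password_hash` at call time, and one on `renew_session/1` saying the renew-and-clear is what defeats session fixation, would help the next reader.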
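--- a/lib/cms_web/controllers/admin_mode.ex
+++ b/lib/cms_web/controllers/admin_mode.ex
@@ -0,0 +1,18 @@
+defmodule CMSWeb.AdminMode do
+  @moduledoc false
+  use CMSWeb, :live_view
+
+  def admin_mode(%Plug.Conn{} = conn, _opts) do
+    Plug.Conn.assign(conn, :admin?, admin?(conn))
+  end
+
+  def on_mount(:default, _params, session, socket) do
+    {:cont, assign(socket, :admin?, admin?(session))}
+  end
+
+  defp admin?(%Plug.Conn{} = conn) do
+    Plug.Conn.get_session(conn, :admin?, false) == true
+  end
+
+  defp admin?(%{} = session), do: Map.get(session, :admin?, false) == true
+end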
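Review bot: The LiveView clause of `admin?/1` reads `Map.get(session, :admin?, false)`, but the session map handed to `on_mount/4` has string keys (Plug stores session keys as strings, which is also why `put_session(:admin?, true)` and `get_session(conn, :admin?)` agree on the Conn side), so the lookup always misses and `@admin?` is `false` in every LiveView, including `/admin` itself. The fix is `defp admin?(%{} = session), do: Map.get(session, "admin?", false) == true`. It fails closed, so this is a broken feature rather than a privilege problem, but the admin bar will never appear on live pages. Separately, `use CMSWeb, :live_view` pulls a full LiveView into a module that is only a plug plus an `on_mount` hook; `import Phoenix.Component, only: [assign: 3]` is all `on_mount/4` needs.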
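--- a/lib/cms_web/controllers/admin_session_controller.ex
+++ b/lib/cms_web/controllers/admin_session_controller.ex
@@ -0,0 +1,23 @@
+defmodule CMSWeb.AdminSessionController do
+  use CMSWeb, :controller
+
+  alias CMSWeb.AdminAuth
+
+  def create(conn, %{"password" => password}) do
+    if AdminAuth.correct_password?(password) do
+      AdminAuth.log_in_admin(conn)
+    else
+      redirect(conn, to: ~p"/admin/sign-in")
+    end
+  end
+
+  def create(conn, _params) do
+    redirect(conn, to: ~p"/admin/sign-in")
+  end
+
+  def destroy(conn, _params) do
+    conn
+    |> AdminAuth.log_out_admin()
+    |> redirect(to: ~p"/")
+  end
+end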
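Review bot: `destroy/2` pipes the conn returned by `AdminAuth.log_out_admin/1` into a second `redirect/2`, but `log_out_admin/1` already redirects to `~p"/"` and thereby sends the response, so the second call raises `Plug.Conn.AlreadySentError` on every sign-out. Mirror `create/2` and return the helper's result directly: `def destroy(conn, _params), do: AdminAuth.log_out_admin(conn)`. The first `create/2` clause should also carry `when is_binary(password)`, so a non-string `password` param (a nested map or list) falls through to the catch-all clause instead of reaching `Argon2.verify_pass/2`. Nothing in the commit limits attempts against `POST /admin/session`, and each attempt runs a full argon2 verification, so a rate limit or lockout on this action belongs here before the endpoint is exposed.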
|
@ -1,4 +1,5 @@
|
|||
defmodule CMSWeb.AdminLive do
|
||||
@moduledoc false
|
||||
use CMSWeb, :live_view
|
||||
|
||||
@impl true
|
||||
|
|
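--- a/lib/cms_web/live/admin_login_live.ex
+++ b/lib/cms_web/live/admin_login_live.ex
@@ -0,0 +1,29 @@
+defmodule CMSWeb.AdminLoginLive do
+  @moduledoc false
+  use CMSWeb, :live_view
+
+  @impl true
+  def mount(_params, _session, socket) do
+    socket = assign(socket, :form, to_form(%{"password" => ""}))
+
+    {:ok, socket}
+  end
+
+  @impl true
+  def render(assigns) do
+    ~H"""
+    <h1 class="font-bold text-lg mb-4">Sign in</h1>
+
+    <.form for={@form} action={~p"/admin/session"}>
+      <input
+        type="password"
+        placeholder="password"
+        id={@form[:password].id}
+        name={@form[:password].name}
+        value={@form[:password].value}
+        required
+      />
+    </.form>
+    """
+  end
+end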
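Review bot: The password `<input>` has no `autocomplete="current-password"`, so browsers and password managers have to guess the field's role; add it next to `type="password"`. `value={@form[:password].value}` echoes the form value back into a password field; it is always `""` here because the form posts over plain HTTP to `/admin/session` and this LiveView has no submit handler, so the attribute can be dropped. There is also no feedback path for a failed sign-in: `AdminSessionController.create/2` redirects back to this page without `put_flash/3` and the template renders no error, so a wrong password looks like a no-op (assuming the layouts do not render flash for this page, which is not visible here).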
|
@ -1,7 +1,10 @@
|
|||
defmodule CMSWeb.Router do
|
||||
alias CMSWeb.Layouts
|
||||
use CMSWeb, :router
|
||||
|
||||
import CMSWeb.AdminMode
|
||||
|
||||
alias CMSWeb.AdminMode
|
||||
|
||||
pipeline :browser do
|
||||
plug :accepts, ["html"]
|
||||
plug :fetch_session
|
||||
|
@ -9,33 +12,26 @@ defmodule CMSWeb.Router do
|
|||
plug :put_root_layout, html: {CMSWeb.Layouts, :root}
|
||||
plug :protect_from_forgery
|
||||
plug :put_secure_browser_headers
|
||||
plug :admin_mode
|
||||
end
|
||||
|
||||
pipeline :api do
|
||||
plug :accepts, ["json"]
|
||||
end
|
||||
|
||||
scope "/", CMSWeb do
|
||||
pipe_through :browser
|
||||
|
||||
get "/", PageController, :home
|
||||
get "/writing", PageController, :writing
|
||||
get "/microblog", PageController, :microblog
|
||||
end
|
||||
|
||||
live_session :admin, layout: {Layouts, :admin} do
|
||||
scope "/admin", CMSWeb do
|
||||
live_session :default, on_mount: AdminMode do
|
||||
scope "/", CMSWeb do
|
||||
pipe_through :browser
|
||||
|
||||
live "/", AdminLive
|
||||
get "/", PageController, :home
|
||||
get "/writing", PageController, :writing
|
||||
get "/microblog", PageController, :microblog
|
||||
|
||||
live "/admin", AdminLive
|
||||
|
||||
live "/admin/sign-in", AdminLoginLive
|
||||
|
||||
post "/admin/session", AdminSessionController, :create
|
||||
delete "/admin/session", AdminSessionController, :destroy
|
||||
end
|
||||
end
|
||||
|
||||
# Other scopes may use custom stacks.
|
||||
# scope "/api", CMSWeb do
|
||||
# pipe_through :api
|
||||
# end
|
||||
|
||||
# Enable LiveDashboard in development
|
||||
if Application.compile_env(:cms, :dev_routes) do
|
||||
# If you want to use the LiveDashboard in production, you should put
|
||||
|
|
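Review bot: `live "/admin", AdminLive` is now served from the same unauthenticated `:browser` pipeline as the public pages, and `AdminMode.on_mount/4` only assigns `:admin?` and returns `{:cont, …}`; it never halts, so nothing in the router keeps a signed-out visitor off `/admin` (unless `AdminLive` itself redirects on `@admin? == false`, which this commit does not show — its hunk only adds `@moduledoc false`). Add a second hook clause in `CMSWeb.AdminMode`, `def on_mount(:require_admin, _params, session, socket)`, returning `{:halt, redirect(socket, to: ~p"/admin/sign-in")}` when the session flag is not set and `{:cont, socket}` otherwise, and give `/admin` its own `live_session` that uses it, as sketched below. A separate `live_session` is also what forces a full page load between the public and admin areas, so the check cannot be bypassed by live navigation within one socket. The controller routes currently sit inside the `live_session` block, which has no effect on them; moving them out makes that plain. The `CMSWeb.Router` module continues past the end of this hunk.
```elixir
    live_session :default, on_mount: AdminMode do
      scope "/", CMSWeb do
        pipe_through :browser

        # … unchanged: public get routes …

        live "/admin/sign-in", AdminLoginLive
      end
    end

    # :require_admin is a second AdminMode.on_mount/4 clause that halts with a
    # redirect to /admin/sign-in when the session flag is not set.
    live_session :admin, on_mount: [AdminMode, {AdminMode, :require_admin}] do
      scope "/admin", CMSWeb do
        pipe_through :browser

        live "/", AdminLive
      end
    end

    scope "/admin", CMSWeb do
      pipe_through :browser

      post "/session", AdminSessionController, :create
      delete "/session", AdminSessionController, :destroy
    end
```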
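--- a/lib/mix/tasks/cms.gen.password_hash.ex
+++ b/lib/mix/tasks/cms.gen.password_hash.ex
@@ -0,0 +1,23 @@
+defmodule Mix.Tasks.Cms.Gen.PasswordHash do
+  @shortdoc @moduledoc
+  @moduledoc """
+  Hashes a password for the admin account
+  """
+  use Mix.Task
+
+  @impl Mix.Task
+  def run(_args) do
+    password = Mix.shell().prompt("Password: ")
+    password = String.trim_trailing(password)
+
+    password_confirmation = Mix.shell().prompt("Confirm password: ")
+    password_confirmation = String.trim_trailing(password_confirmation)
+
+    if password == password_confirmation do
+      hashed = Argon2.hash_pwd_salt(password)
+      Mix.shell().info(hashed)
+    else
+      Mix.shell().error("Passwords do not match")
+    end
+  end
+end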
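Review bot: `@shortdoc @moduledoc` reads `@moduledoc` before it is set, so `@shortdoc` becomes `nil` (with an undefined-attribute warning at compile time) and `mix help` shows no summary for the task; use a literal, `@shortdoc "Hashes a password for the admin account"`, and keep `@moduledoc` after it. `Mix.shell().prompt/1` echoes what is typed, so the admin password and its confirmation end up on screen and in terminal scrollback; `:io.get_password/0` reads without echo (it returns a charlist, so wrap it in `to_string/1`). `String.trim_trailing/1` also strips intentional trailing spaces from the password — trim only the newline with `String.trim_trailing(password, "\n")` — and `prompt/1` returns `:eof` on a closed stdin, which then crashes inside `String.trim_trailing/1` rather than producing a readable error.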
1
mix.exs
1
mix.exs
|
@ -50,6 +50,7 @@ defmodule CMS.MixProject do
|
|||
{:jason, "~> 1.2"},
|
||||
{:dns_cluster, "~> 0.1.1"},
|
||||
{:bandit, "~> 1.5"},
|
||||
{:argon2_elixir, "~> 4.1"},
|
||||
|
||||
# dev/test only
|
||||
{:styler, "~> 1.4", only: [:dev, :test], runtime: false}
|
||||
|
|
3
mix.lock
3
mix.lock
|
@ -1,11 +1,14 @@
|
|||
%{
|
||||
"argon2_elixir": {:hex, :argon2_elixir, "4.1.2", "1160a3ccd59b951175525882240651f5ed3303b75c616204713f8b31c76b37bd", [:make, :mix], [{:comeonin, "~> 5.3", [hex: :comeonin, repo: "hexpm", optional: false]}, {:elixir_make, "~> 0.6", [hex: :elixir_make, repo: "hexpm", optional: false]}], "hexpm", "9222341e1b0d9aa5ca7e26a1c77bd1bd92d2314c92b57ca3e2c7ed847223b51d"},
|
||||
"bandit": {:hex, :bandit, "1.6.7", "42f30e37a1c89a2a12943c5dca76f731a2313e8a2e21c1a95dc8241893e922d1", [:mix], [{:hpax, "~> 1.0", [hex: :hpax, repo: "hexpm", optional: false]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}, {:thousand_island, "~> 1.0", [hex: :thousand_island, repo: "hexpm", optional: false]}, {:websock, "~> 0.5", [hex: :websock, repo: "hexpm", optional: false]}], "hexpm", "551ba8ff5e4fc908cbeb8c9f0697775fb6813a96d9de5f7fe02e34e76fd7d184"},
|
||||
"castore": {:hex, :castore, "1.0.11", "4bbd584741601eb658007339ea730b082cc61f3554cf2e8f39bf693a11b49073", [:mix], [], "hexpm", "e03990b4db988df56262852f20de0f659871c35154691427a5047f4967a16a62"},
|
||||
"comeonin": {:hex, :comeonin, "5.5.1", "5113e5f3800799787de08a6e0db307133850e635d34e9fab23c70b6501669510", [:mix], [], "hexpm", "65aac8f19938145377cee73973f192c5645873dcf550a8a6b18187d17c13ccdb"},
|
||||
"db_connection": {:hex, :db_connection, "2.7.0", "b99faa9291bb09892c7da373bb82cba59aefa9b36300f6145c5f201c7adf48ec", [:mix], [{:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "dcf08f31b2701f857dfc787fbad78223d61a32204f217f15e881dd93e4bdd3ff"},
|
||||
"decimal": {:hex, :decimal, "2.3.0", "3ad6255aa77b4a3c4f818171b12d237500e63525c2fd056699967a3e7ea20f62", [:mix], [], "hexpm", "a4d66355cb29cb47c3cf30e71329e58361cfcb37c34235ef3bf1d7bf3773aeac"},
|
||||
"dns_cluster": {:hex, :dns_cluster, "0.1.3", "0bc20a2c88ed6cc494f2964075c359f8c2d00e1bf25518a6a6c7fd277c9b0c66", [:mix], [], "hexpm", "46cb7c4a1b3e52c7ad4cbe33ca5079fbde4840dedeafca2baf77996c2da1bc33"},
|
||||
"ecto": {:hex, :ecto, "3.12.5", "4a312960ce612e17337e7cefcf9be45b95a3be6b36b6f94dfb3d8c361d631866", [:mix], [{:decimal, "~> 2.0", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "6eb18e80bef8bb57e17f5a7f068a1719fbda384d40fc37acb8eb8aeca493b6ea"},
|
||||
"ecto_sql": {:hex, :ecto_sql, "3.12.1", "c0d0d60e85d9ff4631f12bafa454bc392ce8b9ec83531a412c12a0d415a3a4d0", [:mix], [{:db_connection, "~> 2.4.1 or ~> 2.5", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.12", [hex: :ecto, repo: "hexpm", optional: false]}, {:myxql, "~> 0.7", [hex: :myxql, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.19 or ~> 1.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:tds, "~> 2.1.1 or ~> 2.2", [hex: :tds, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4.0 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "aff5b958a899762c5f09028c847569f7dfb9cc9d63bdb8133bff8a5546de6bf5"},
|
||||
"elixir_make": {:hex, :elixir_make, "0.9.0", "6484b3cd8c0cee58f09f05ecaf1a140a8c97670671a6a0e7ab4dc326c3109726", [:mix], [], "hexpm", "db23d4fd8b757462ad02f8aa73431a426fe6671c80b200d9710caf3d1dd0ffdb"},
|
||||
"esbuild": {:hex, :esbuild, "0.9.0", "f043eeaca4932ca8e16e5429aebd90f7766f31ac160a25cbd9befe84f2bc068f", [:mix], [{:jason, "~> 1.4", [hex: :jason, repo: "hexpm", optional: false]}], "hexpm", "b415027f71d5ab57ef2be844b2a10d0c1b5a492d431727f43937adce22ba45ae"},
|
||||
"file_system": {:hex, :file_system, "1.1.0", "08d232062284546c6c34426997dd7ef6ec9f8bbd090eb91780283c9016840e8f", [:mix], [], "hexpm", "bfcf81244f416871f2a2e15c1b515287faa5db9c6bcf290222206d120b3d43f6"},
|
||||
"floki": {:hex, :floki, "0.37.0", "b83e0280bbc6372f2a403b2848013650b16640cd2470aea6701f0632223d719e", [:mix], [], "hexpm", "516a0c15a69f78c47dc8e0b9b3724b29608aa6619379f91b1ffa47109b5d0dd3"},
|
||||
|
|
|
@ -20,6 +20,7 @@ defmodule CMSWeb.ConnCase do
|
|||
using do
|
||||
quote do
|
||||
use CMSWeb, :verified_routes
|
||||
|
||||
import CMSWeb.ConnCase
|
||||
import Phoenix.ConnTest
|
||||
import Plug.Conn
|
||||
|
|