search

trenpixster / addict

User management lib for Phoenix Framework
MIT License
645 stars 99 forks source link

Using Addict on standalone basis #92

Closed simonh1000 closed 8 years ago

simonh1000 commented 8 years ago

I'm trying to use some Addict functions on a standalone basis, as I need the password resetting functionality for a SPA I'm building. In particular, my user registration process is not public, but admin users will create the accounts, and I want that process to include sending the new user an email with a password in.

I'm running the following on my :create route

  def create(conn, %{"user" => user_params}, _user) do
    # Returns changeset with :encrypted_password == "password"
    changeset = User.registration_changeset(%User{}, user_params)
    IO.inspect("Sending to " <> user_params["email"])
    Addict.Interactors.SendResetPasswordEmail.call(user_params["email"])
    |> IO.inspect
    # IO.inspect(res)
    transaction =
        with {:ok, user} <- Repo.insert(changeset),
            #  {:ok, _} <- ProjectController.makeDefaultProject(user.id),
            #  {:ok, _} <- Addict.Interactors.SendResetPasswordEmail.call(user.email),
        do: {:ok, user}

    case transaction do
      {:ok, user} ->....

but getting 

[debug] Processing by MosaicApi.UserController.create/2
  Parameters: %{"user" => %{"customer_id" => "2", "email" => "hotbelgo@gmail.com", "firstname" => "hot", "lastname" => "belgo"}}
  Pipelines: [:api, :api_auth]
"Sending to hotbelgo@gmail.com"
[authentication: "Incorrect e-mail/password"]
[debug] SELECT u0."id", u0."firstname", u0."lastname", u0."email", u0."encrypted_password", u0."customer_id", u0."inserted_at", u0."updated_at" FROM "users" AS u0 WHERE (u0."email" = $1) ["hotbelgo@gmail.com"] OK query=6.3ms
[debug] Recover Password: E-mail not found: hotbelgo@gmail.com.
{:ok, nil}
[debug] BEGIN [] OK query=0.5ms
[debug] INSERT INTO "users" ("inserted_at", "updated_at", "customer_id", "email", "encrypted_password", "firstname", "lastname") VALUES ($1, $2, $3, $4, $5, $6, $7) RETURNING "id" [{{2016, 6, 14}, {16, 48, 12, 0}}, {{2016, 6, 14}, {16, 48, 12, 0}}, 2, "hotbelgo@gmail.com", "$2b$12$d9UBG/r8ttRo/E796wNgreByWib2OpEbDZ9tYWBpPTCAIjBWPa6za", "hot", "belgo"] OK query=2.0ms
[debug] COMMIT [] OK query=2.7ms
[info] Sent 201 in 479ms

I seem to have an authentication issue, which is not entirely surprising as I'm doing authentication myself (using Guardian).

Update I just tried a reset using the normal /recover_password route and got the same error. I then found that I had turned off

    # plug :protect_from_forgery
    # plug :put_secure_browser_headers

and un-commenting seemed to help on /recover_password some of the time. So I'm wondering what I can add to my code to emulate protect_from_forgery and put_secure_browser_headers

trenpixster commented 8 years ago

I'll have to dig into this, be back at you soon.

simonh1000 commented 8 years ago

Hi, I'm going to close this. When I first wrote the issue I included very different error messages, and those have since returned. I've tracked that down to these lines not working in mailgun.ex

  use Mailgun.Client, domain: Application.get_env(:addict, :mailgun_domain),
                      key: Application.get_env(:addict, :mailgun_key)

But in the process of adding IO.inspect commands to find the issue, I seem to have caused things to work! I've now reinstalled your Addict to get rid of my IO.inspects and it still seems to work. I'm confused, but no longer blocked!