Manageable Cookies about phauxth HOT 8 CLOSED

To start off with, we could add this to the documentation, or the wiki, as an example of how you can extend the Remember plug. After that, we can discuss whether we want to add it to the default implementation.

from phauxth.

I wrote some more here. I want to set default :enable_cookie_management config to false. And if anyone want to use it, they can set it to true and follow some instructions.

from phauxth.

Thanks - I'll take a look at that later and get back to you soon.

from phauxth.

I think this simplest way to enable_cookie_management:

In Phauxth.Config, add:

def enable_cookie_management  do
  Application.get_env(:phauxth, :enable_cookie_management, false)
end

In Phauxth.Remember, add:

def init(opts) do
  {
    {
      Keyword.get(opts, :max_age, @max_age),
      Keyword.get(opts, :user_context, Config.user_context()),
      Keyword.get(opts, :enable_cookie_management, Config.enable_cookie_management()),
      opts
    },
    Keyword.get(opts, :log_meta, [])
  }
end

def get_user(conn, token, {max_age, user_context, false, opts}) do
  with {:ok, user_id} <- Token.verify(conn, token, max_age, opts) do
    user_context.get(user_id)
  end
end

def get_user(conn, token, {max_age, user_context, true, opts}) do
  with {:ok, user_id} <- Token.verify(conn, token, max_age, opts)
       %{cookies: cookies} = user <- user_context.get(user_id),
       true <- Map.has_key?(cookies, token),
  do
    user
  end
end

So, if get_user returns nil, then call delete_rem_cookie/1

from phauxth.

@virayatta I have added a related issue - #81 , which is based on the version 2.0 implementation.

from phauxth.

The latest version calls delete_rem_cookie by default - after it sees that the cookie / token is invalid.

Can we close this issue, or is there anything else you want to add?

from phauxth.

from phauxth.

I'll close it for now, and if you want to reopen it later, that's fine.

from phauxth.