lesderid
/
luckybooru
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
luckybooru/src/operations/sign_in_user.cr

41 lines
1.1 KiB
Crystal
Raw Normal View History

Initial commit There's still a whole bunch of untouched default Lucky files, and the database migrations and models are not complete yet. So far the following models and migrations should match the current schema: * User * Role * Post * TagNamespace * Tag * PostTag
2020-03-07 05:39:00 +01:00
class SignInUser < Avram::Operation
param_key :user
# You can modify this in src/operations/mixins/user_from_email.cr
include UserFromEmail
attribute email : String
attribute password : String
# Run validations and yields the operation and the user if valid
def submit
user = user_from_email
validate_credentials(user)
if valid?
yield self, user
else
yield self, nil
end
end
# `validate_credentials` determines if a user can sign in.
#
# If desired, you can add additional checks in this method, e.g.
#
# if user.locked?
# email.add_error "is locked out"
# end
private def validate_credentials(user)
if user
unless Authentic.correct_password?(user, password.value.to_s)
password.add_error "is wrong"
end
else
# Usually ok to say that an email is not in the system:
# https://kev.inburke.com/kevin/invalid-username-or-password-useless/
# https://github.com/luckyframework/lucky_cli/issues/192
email.add_error "is not in our system"
end
end
end