sphericalkat/katbin
1
0
Fork 0
Code Issues 5 Pull Requests 12 Actions Packages Projects Releases Wiki Activity
caf3535e74
katbin/lib/ketbin_web/router.ex
SphericalKat 0618654ad5
feat(pastes): handle edit permissions using plugs 
Signed-off-by: SphericalKat <amolele@gmail.com>
2021-08-15 04:47:44 +05:30

100 lines
2.9 KiB
Elixir
Raw Blame History

defmodule KetbinWeb.Router do
use KetbinWeb, :router
import KetbinWeb.UserAuth
pipeline :browser do
plug :accepts, ["html"]
plug :fetch_session
plug :fetch_flash
plug :protect_from_forgery
plug :put_secure_browser_headers
plug :fetch_current_user
end
pipeline :api do
plug :accepts, ["json"]
end
scope "/", KetbinWeb do
pipe_through :browser
get "/", PageController, :index
get "/:id/raw", PageController, :raw
post "/", PageController, :create
end
# scope to check if user is owner of paste
scope "/", KetbinWeb do
pipe_through [:browser, :owns_paste]
get "/:id", PageController, :show
get "/v/:id", PageController, :showlink
end
# scope to ensure user is owner of paste
scope "/", KetbinWeb do
pipe_through [:browser, :ensure_owns_paste]
get "/edit/:id", PageController, :edit
patch "/:id", PageController, :update
put "/:id", PageController, :update
end
# Other scopes may use custom stacks.
# scope "/api", KetbinWeb do
# pipe_through :api
# end
# Enables LiveDashboard only for development
#
# If you want to use the LiveDashboard in production, you should put
# it behind authentication and allow only admins to access it.
# If your application does not have an admins-only section yet,
# you can use Plug.BasicAuth to set up some basic authentication
# as long as you are also using SSL (which you should anyway).
if Mix.env() in [:dev, :test] do
import Phoenix.LiveDashboard.Router
scope "/" do
pipe_through :browser
live_dashboard "/dashboard", metrics: KetbinWeb.Telemetry
end
end
## Authentication routes
scope "/", KetbinWeb do
pipe_through [:browser, :redirect_if_user_is_authenticated]
get "/users/register", UserRegistrationController, :new
post "/users/register", UserRegistrationController, :create
get "/users/log_in", UserSessionController, :new
post "/users/log_in", UserSessionController, :create
get "/users/reset_password", UserResetPasswordController, :new
post "/users/reset_password", UserResetPasswordController, :create
get "/users/reset_password/:token", UserResetPasswordController, :edit
put "/users/reset_password/:token", UserResetPasswordController, :update
end
scope "/", KetbinWeb do
pipe_through [:browser, :require_authenticated_user]
get "/users/settings", UserSettingsController, :edit
put "/users/settings", UserSettingsController, :update
get "/users/settings/confirm_email/:token", UserSettingsController, :confirm_email
end
scope "/", KetbinWeb do
pipe_through [:browser]
delete "/users/log_out", UserSessionController, :delete
get "/users/confirm", UserConfirmationController, :new
post "/users/confirm", UserConfirmationController, :create
get "/users/confirm/:token", UserConfirmationController, :confirm
resources "/pastes", PasteController
end
end
Reference in New Issue View Git Blame Copy Permalink