Cameron Carlyle carlyleec

## UserSettingsController.confirm_email.ex
def confirm_email(conn, %{"token" => token}) do
  case Accounts.update_user_email(conn.assigns.current_user, token) do
    :ok ->
      conn
      |> put_flash(:info, "Email changed successfully.")
      |> redirect(to: Routes.user_settings_path(conn, :edit))

    :error ->
      conn
      |> put_flash(:error, "Email change link is invalid or it has expired.")

## UserSettingsController.update_password.ex
def update(conn, %{"action" => "update_password"} = params) do
  %{"current_password" => password, "user" => user_params} = params
  user = conn.assigns.current_user

  case Accounts.update_user_password(user, password, user_params) do
    {:ok, user} ->
      conn
      |> put_flash(:info, "Password updated successfully.")
      |> put_session(:user_return_to, Routes.user_settings_path(conn, :edit))
      |> UserAuth.log_in_user(user)

## UserSettingsController.update_email.ex
def update(conn, %{"action" => "update_email"} = params) do
  %{"current_password" => password, "user" => user_params} = params
  user = conn.assigns.current_user

  case Accounts.apply_user_email(user, password, user_params) do
    {:ok, applied_user} ->
      Accounts.deliver_update_email_instructions(
        applied_user,
        user.email,
        &Routes.user_settings_url(conn, :confirm_email, &1)

## UserConfirmationController.confirm.ex
# Do not log in the user after confirmation to avoid a
# leaked token giving the user access to the account.
def confirm(conn, %{"token" => token}) do
  case Accounts.confirm_user(token) do
    {:ok, _} ->
      conn
      |> put_flash(:info, "Account confirmed successfully.")
      |> redirect(to: "/")

    :error ->

## UserConfirmationController.create.ex
def create(conn, %{"user" => %{"email" => email}}) do
  if user = Accounts.get_user_by_email(email) do
    Accounts.deliver_user_confirmation_instructions(
      user,
      &Routes.user_confirmation_url(conn, :confirm, &1)
    )
  end

  # Regardless of the outcome, show an impartial success/error message.
  conn

## Accounts.reset_user_password.ex
def reset_user_password(user, attrs) do
  Ecto.Multi.new()
  |> Ecto.Multi.update(:user, User.password_changeset(user, attrs))
  |> Ecto.Multi.delete_all(:tokens, UserToken.user_and_contexts_query(user, :all))
  |> Repo.transaction()
  |> case do
    {:ok, %{user: user}} -> {:ok, user}
    {:error, :user, changeset, _} -> {:error, changeset}
  end
end

## UserResetPasswordController.update.ex
# Do not log in the user after reset password to avoid a
# leaked token giving the user access to the account.
def update(conn, %{"user" => user_params}) do
  case Accounts.reset_user_password(conn.assigns.user, user_params) do
    {:ok, _} ->
      conn
      |> put_flash(:info, "Password reset successfully.")
      |> redirect(to: Routes.user_session_path(conn, :new))

    {:error, changeset} ->

## UserResetPasswordController.edit.ex
...

plug :get_user_by_reset_password_token when action in [:edit, :update]

...

def edit(conn, _params) do
  render(conn, "edit.html", changeset: Accounts.change_user_password(conn.assigns.user))
end

## UserResetPasswordController.create.ex
def create(conn, %{"user" => %{"email" => email}}) do
  if user = Accounts.get_user_by_email(email) do
    Accounts.deliver_user_reset_password_instructions(
      user,
      &Routes.user_reset_password_url(conn, :edit, &1)
    )
  end

  # Regardless of the outcome, show an impartial success/error message.
  conn

## UserToken.verify_email_token_query.ex
def verify_email_token_query(token, context) do
  case Base.url_decode64(token, padding: false) do
    {:ok, decoded_token} ->
      hashed_token = :crypto.hash(@hash_algorithm, decoded_token)
      days = days_for_context(context)

      query =
        from token in token_and_context_query(hashed_token, context),
          join: user in assoc(token, :user),
          where: token.inserted_at > ago(^days, "day") and token.sent_to == user.email,
	def confirm_email(conn, %{"token" => token}) do
	case Accounts.update_user_email(conn.assigns.current_user, token) do
	:ok ->
	conn
	\|> put_flash(:info, "Email changed successfully.")
	\|> redirect(to: Routes.user_settings_path(conn, :edit))

	:error ->
	conn
	\|> put_flash(:error, "Email change link is invalid or it has expired.")
	def update(conn, %{"action" => "update_password"} = params) do
	%{"current_password" => password, "user" => user_params} = params
	user = conn.assigns.current_user

	case Accounts.update_user_password(user, password, user_params) do
	{:ok, user} ->
	conn
	\|> put_flash(:info, "Password updated successfully.")
	\|> put_session(:user_return_to, Routes.user_settings_path(conn, :edit))
	\|> UserAuth.log_in_user(user)
	def update(conn, %{"action" => "update_email"} = params) do
	%{"current_password" => password, "user" => user_params} = params
	user = conn.assigns.current_user

	case Accounts.apply_user_email(user, password, user_params) do
	{:ok, applied_user} ->
	Accounts.deliver_update_email_instructions(
	applied_user,
	user.email,
	&Routes.user_settings_url(conn, :confirm_email, &1)
	# Do not log in the user after confirmation to avoid a
	# leaked token giving the user access to the account.
	def confirm(conn, %{"token" => token}) do
	case Accounts.confirm_user(token) do
	{:ok, _} ->
	conn
	\|> put_flash(:info, "Account confirmed successfully.")
	\|> redirect(to: "/")

	:error ->
	def create(conn, %{"user" => %{"email" => email}}) do
	if user = Accounts.get_user_by_email(email) do
	Accounts.deliver_user_confirmation_instructions(
	user,
	&Routes.user_confirmation_url(conn, :confirm, &1)
	)
	end

	# Regardless of the outcome, show an impartial success/error message.
	conn
	def reset_user_password(user, attrs) do
	Ecto.Multi.new()
	\|> Ecto.Multi.update(:user, User.password_changeset(user, attrs))
	\|> Ecto.Multi.delete_all(:tokens, UserToken.user_and_contexts_query(user, :all))
	\|> Repo.transaction()
	\|> case do
	{:ok, %{user: user}} -> {:ok, user}
	{:error, :user, changeset, _} -> {:error, changeset}
	end
	end
	# Do not log in the user after reset password to avoid a
	# leaked token giving the user access to the account.
	def update(conn, %{"user" => user_params}) do
	case Accounts.reset_user_password(conn.assigns.user, user_params) do
	{:ok, _} ->
	conn
	\|> put_flash(:info, "Password reset successfully.")
	\|> redirect(to: Routes.user_session_path(conn, :new))

	{:error, changeset} ->
	...

	plug :get_user_by_reset_password_token when action in [:edit, :update]

	...

	def edit(conn, _params) do
	render(conn, "edit.html", changeset: Accounts.change_user_password(conn.assigns.user))
	end
	def create(conn, %{"user" => %{"email" => email}}) do
	if user = Accounts.get_user_by_email(email) do
	Accounts.deliver_user_reset_password_instructions(
	user,
	&Routes.user_reset_password_url(conn, :edit, &1)
	)
	end

	# Regardless of the outcome, show an impartial success/error message.
	conn
	def verify_email_token_query(token, context) do
	case Base.url_decode64(token, padding: false) do
	{:ok, decoded_token} ->
	hashed_token = :crypto.hash(@hash_algorithm, decoded_token)
	days = days_for_context(context)

	query =
	from token in token_and_context_query(hashed_token, context),
	join: user in assoc(token, :user),
	where: token.inserted_at > ago(^days, "day") and token.sent_to == user.email,