carlyleec/UserConfirmationController.confirm.ex

## UserConfirmationController.confirm.ex
# Do not log in the user after confirmation to avoid a
# leaked token giving the user access to the account.
def confirm(conn, %{"token" => token}) do
  case Accounts.confirm_user(token) do
    {:ok, _} ->
      conn
      |> put_flash(:info, "Account confirmed successfully.")
      |> redirect(to: "/")

    :error ->
      # If there is a current user and the account was already confirmed,
      # then odds are that the confirmation link was already visited, either
      # by some automation or by the user themselves, so we redirect without
      # a warning message.
      case conn.assigns do
        %{current_user: %{confirmed_at: confirmed_at}} when not is_nil(confirmed_at) ->
          redirect(conn, to: "/")

        %{} ->
          conn
          |> put_flash(:error, "Account confirmation link is invalid or it has expired.")
          |> redirect(to: "/")
      end
  end
end
	# Do not log in the user after confirmation to avoid a
	# leaked token giving the user access to the account.
	def confirm(conn, %{"token" => token}) do
	case Accounts.confirm_user(token) do
	{:ok, _} ->
	conn
	\|> put_flash(:info, "Account confirmed successfully.")
	\|> redirect(to: "/")

	:error ->
	# If there is a current user and the account was already confirmed,
	# then odds are that the confirmation link was already visited, either
	# by some automation or by the user themselves, so we redirect without
	# a warning message.
	case conn.assigns do
	%{current_user: %{confirmed_at: confirmed_at}} when not is_nil(confirmed_at) ->
	redirect(conn, to: "/")

	%{} ->
	conn
	\|> put_flash(:error, "Account confirmation link is invalid or it has expired.")
	\|> redirect(to: "/")
	end
	end
	end