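defmodule BrightWeb.Router do
  @moduledoc """
  HTTP and LiveView routing for BrightWeb.

  Every `:browser` request gets a per-session UUID and a shopping cart
  assigned (see `fetch_current_user/2` and `fetch_current_cart/2`).
  Platform authentication routes rely on plugs imported from
  `BrightWeb.PlatformAuth`.

  Routes are matched in declaration order, so catch-all patterns such as
  `resources "/platforms"` (which defines `/platforms/:id`) are declared
  after the fixed `/platforms/...` paths.
  """

  use BrightWeb, :router

  import BrightWeb.PlatformAuth

  alias Bright.ShoppingCart

  pipeline :browser do
    plug :accepts, ["html", "json"]
    plug :fetch_session
    plug :fetch_live_flash
    plug :put_root_layout, html: {BrightWeb.Layouts, :root}
    plug :protect_from_forgery
    plug :put_secure_browser_headers
    plug :fetch_current_platform
    plug :fetch_current_user
    plug :fetch_current_cart
  end

  # NOTE(review): with the plug below commented out this pipeline is a no-op,
  # so every route piped through `:auth` is reachable without authentication.
  # Re-enable an authentication plug here before relying on `:auth` as an
  # access-control boundary.
  pipeline :auth do
    # plug :ensure_authenticated
  end

  # Assigns `:current_uuid` from the session, minting and storing a fresh UUID
  # when the session has none. Despite the name, no user record is loaded: the
  # UUID is an anonymous per-session identifier.
  defp fetch_current_user(conn, _) do
    if user_uuid = get_session(conn, :current_uuid) do
      assign(conn, :current_uuid, user_uuid)
    else
      new_uuid = Ecto.UUID.generate()

      conn
      |> assign(:current_uuid, new_uuid)
      |> put_session(:current_uuid, new_uuid)
    end
  end

  # Assigns `:cart` for the session UUID, creating a cart when none exists.
  # The cart is looked up by the session UUID alone, so cart ownership is only
  # as strong as the integrity of the session.
  # NOTE(review): the assertive match raises if `create_cart/1` does not return
  # `{:ok, cart}`, and a cart is created for every new session on any
  # `:browser` route - confirm that is acceptable for crawler traffic.
  defp fetch_current_cart(conn, _opts) do
    if cart = ShoppingCart.get_cart_by_user_uuid(conn.assigns.current_uuid) do
      assign(conn, :cart, cart)
    else
      {:ok, new_cart} = ShoppingCart.create_cart(conn.assigns.current_uuid)
      assign(conn, :cart, new_cart)
    end
  end

  # NOTE(review): no authentication plug runs in this pipeline, so the write
  # actions exposed under "/api" below are open unless the controller enforces
  # access itself.
  pipeline :api do
    plug :accepts, ["json"]
  end

  # NOTE(review): this scope has no module alias, so `PostController` and
  # `StreamController` resolve to top-level modules rather than
  # `BrightWeb.*` - confirm that is intended. `GET /posts/new` declared here
  # also takes precedence over the `live "/posts/new"` route further down.
  scope "/" do
    pipe_through [:browser, :auth]

    get "/posts/new", PostController, :new
    post "/posts", PostController, :create

    get "/streams/new", StreamController, :new
    post "/streams", StreamController, :create
  end

  # NOTE(review): the `resources` routes in this scope include create, update
  # and delete actions and are piped through `:browser` only, so nothing at the
  # router level restricts who may modify these records.
  scope "/", BrightWeb do
    pipe_through :browser

    get "/", PageController, :home

    resources "/products", ProductController

    get "/patrons", PatronController, :index
    get "/about", PageController, :about
    get "/api", PageController, :api

    resources "/cart_items", CartItemController, only: [:create, :delete]

    get "/cart", CartController, :show
    put "/cart", CartController, :update

    resources "/orders", OrderController, only: [:create, :show]

    resources "/archive", StreamController
    get "/streams", StreamController, :index
    get "/stream", StreamController, :show

    resources "/vods", VodController

    resources "/vtubers", VtuberController

    resources "/vt", VtuberController do
      resources "/vods", VodController
    end

    # resources "/users", UserController
    resources "/tags", TagController

    live "/thermostat", ThermostatLive

    get "/hello", HelloController, :index
    get "/hello/:messenger", HelloController, :show

    live "/posts", PostLive.Index, :index
    live "/posts/new", PostLive.Index, :new
    live "/posts/:id/edit", PostLive.Index, :edit

    live "/posts/:id", PostLive.Show, :show
    live "/posts/:id/show/edit", PostLive.Show, :edit
  end

  # Other scopes may use custom stacks.
  scope "/api", BrightWeb do
    pipe_through :api

    resources "/urls", UrlController, except: [:new, :edit]
  end

  # Enable LiveDashboard and Swoosh mailbox preview in development
  if Application.compile_env(:bright, :dev_routes) do
    # If you want to use the LiveDashboard in production, you should put
    # it behind authentication and allow only admins to access it.
    # If your application does not have an admins-only section yet,
    # you can use Plug.BasicAuth to set up some basic authentication
    # as long as you are also using SSL (which you should anyway).
    import Phoenix.LiveDashboard.Router

    scope "/dev" do
      pipe_through :browser

      live_dashboard "/dashboard", metrics: BrightWeb.Telemetry
      forward "/mailbox", Plug.Swoosh.MailboxPreview
    end
  end

  ## Authentication routes

  scope "/", BrightWeb do
    pipe_through [:browser, :redirect_if_platform_is_authenticated]

    live_session :redirect_if_platform_is_authenticated,
      on_mount: [{BrightWeb.PlatformAuth, :redirect_if_platform_is_authenticated}] do
      live "/platforms/register", PlatformRegistrationLive, :new
      live "/platforms/log_in", PlatformLoginLive, :new
      live "/platforms/reset_password", PlatformForgotPasswordLive, :new
      live "/platforms/reset_password/:token", PlatformResetPasswordLive, :edit
    end

    post "/platforms/log_in", PlatformSessionController, :create
  end

  scope "/", BrightWeb do
    pipe_through [:browser, :require_authenticated_platform]

    live_session :require_authenticated_platform,
      on_mount: [{BrightWeb.PlatformAuth, :ensure_authenticated}] do
      live "/platforms/settings", PlatformSettingsLive, :edit
      live "/platforms/settings/confirm_email/:token", PlatformSettingsLive, :confirm_email
    end
  end

  scope "/", BrightWeb do
    pipe_through [:browser]

    delete "/platforms/log_out", PlatformSessionController, :delete

    live_session :current_platform,
      on_mount: [{BrightWeb.PlatformAuth, :mount_current_platform}] do
      live "/platforms/confirm/:token", PlatformConfirmationLive, :edit
      live "/platforms/confirm", PlatformConfirmationInstructionsLive, :new
    end

    # Declared after every fixed "/platforms/..." route on purpose: `resources`
    # defines `GET /platforms/:id` and `DELETE /platforms/:id`, which would
    # otherwise match first and capture "/platforms/register",
    # "/platforms/log_in", "/platforms/settings", "/platforms/confirm" and
    # "/platforms/log_out", so the authentication routes (and the plugs
    # guarding them) would never run.
    #
    ## @todo DANGER, platforms must only be writable by admins,
    ## (unless we implement SVG sanitizing)
    # NOTE(review): this is still piped through `:browser` only, so the
    # create/update/delete actions remain open to unauthenticated requests.
    resources "/platforms", PlatformController
  end
end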