Hello folks,
I’m currently having some difficulties with my sessions. I’m running into a scenario where if I have two users, I login as User A, log out, and then login as User B, any changes I make are being made on the data for User A. I believe this is because my current resource sessions aren’t clearing, as in a lot of my code I am using user = Guardian.Plug.current_resource(conn) to select the user I want to make changes on. Below is the controller I am using to login/logout with Guardian. I thought that it seemed fairly straightforward, but I seem to be missing something. Any help would be greatly appreciated.
defmodule BookwyrmAPIWeb.SessionController do
use BookwyrmAPIWeb, :controller
alias BookwyrmAPI.Guardian
alias BookwyrmAPI.Accounts
def create(conn, %{"data" => %{"session" => %{"email" => email, "password" => pass}}}) do
case BookwyrmAPIWeb.Auth.login_by_email_and_pass(conn, email, pass) do
{:ok, token, conn} ->
user = Accounts.get_user_by_email(email)
conn
|> Guardian.Plug.sign_in(user)
|> render("session.json", %{jwt: token, user_id: user.id})
{:error, _reason, conn} ->
render(conn, "500.json")
end
end
def delete(conn, _) do
conn
|> Guardian.Plug.sign_out()
|> render("delete.json")
end
end
