An admin will review all the info from a user’s register info and decide if the user will pass the approval or not. When new users submit their registration form, their info will send to our admin to have it approve. And only after approval could the new user be created.
So … How should I create such an admin system?
Hey @Bedtimestory9 your post has been moved to the moderation queue because there isn’t really enough information for someone to help you here. How much Elixir do you know? What sort of system is this? What have you tried so far, and where did you get stuck?
Hi @benwilson512 sorry for the ambiguity, I’ll try my best to clarify.
My knowledge on Phoenix is as much as the first chapter on Phoenix Framework by Pragmatic studio
This is my registration process:
defmodule CompoCenter.Accounts.User do
...
def changeset(user, attrs) do
user
|> cast(attrs, [:email, :company, :first_name, :last_name])
|> validate_required([:email, :company, :first_name, :last_name])
|> validate_format(:email, ~r/@/)
end
def registration_changeset(user, params) do
user
|> changeset(params)
|> cast(params, [:password])
|> validate_required([:password])
|> validate_length(:password, min: 6, max: 100)
|> put_pass_hash()
end
...
end
So so far as long as the user fill out their email with an @ symbol as well as complying with password length rule, the user will be inserted into the Repo.
And I want to have it differently, I want to have an admin(or me) to go through a review of their input, once I click approve, then will it be created.
If this is still too vague, can you point me to what topics should I explore? I am pretty much in the fog too. But I’m sure there’re websites like this. For example, you submit a registration form to create an account on a website, and the website responded with “Thank you for your submission, your account will need to be approved, which might take a few days.” Or something like that.
Yeah I think my question contains too many topics, if you can give me some pointer to what should I read I’ll greatly appreciate it.
One solution is to have a status field on the User. For example approved, not_approved. Then You can ensure only approved user have access ?!
The admin just need to toggle this field to allow user access
Pretty much what the gorilla said.
A great resource to read is the output of mix phx.gen.auth. While it doesn’t provide this functionality out of the box, it’s really easy to tack on and the rest of the code is great study for how to properly implement authn.
Of course there are different ways to implement this with different trade offs but this probably what I would do. Firstly, for something like approval I prefer a dedicated field—approved_at as a timestamp—over a status so that what I’m going to use, but YMMV.
Assuming you’ve gen’d your auth with:
$ mix phx.gen.auth Accounts User users
Create a migration to add approved_at timestamp field to your users table, add the field to your User Schema (make sure it defaults to nil which means doing nothing).
In MyAppWeb.UserAuth look for def on_mount(:ensure_authenticated, .... This is where you will want to check if the user has been approved and deal with accordingly. You can change it to look something like this:
def on_mount(:ensure_authenticated, _params, session, socket) do
socket = mount_current_user(socket, session)
case socket.assigns.current_user do
nil ->
socket =
socket
|> Phoenix.LiveView.put_flash(:error, "You must log in to access this page.")
|> Phoenix.LiveView.redirect(to: ~p"/users/log_in")
{:halt, socket}
%{approved_at: nil} ->
socket =
socket
|> Phoenix.LiveView.put_flash(:error, "You have not been approved yet.")
|> Phoenix.LiveView.redirect(to: ~p"/")
{:halt, socket}
_ ->
{:cont, socket}
end
end
As far as notifying admins and making screens to manage the requests, I’ll leave that part up to you. It’s a simple LiveView although if you want Email notifications that is a whole other thing.
This answers my question. Though the book didn’t use liveview from the start, I’m glad to know the implementation logic is almost the same on my Auth.ex.
I’m having a little trouble to add a timestamp to the approved_at field atm, as well as the nil type which is not recognized by phoenix but I’ll crunch through some more docs to get at it. Thanks for the improvement!
© Copyright Elixir Forum | Terms | Privacy & Cookies
