@@ -13,7 +13,6 @@ defmodule AlgoraWeb.Onboarding.DevLive do
1313 alias Algora.Repo
1414 alias AlgoraWeb.Components.Logos
1515 alias AlgoraWeb.LocalStore
16- alias Swoosh.Email
1716
1817 require Logger
1918
@@ -84,7 +83,7 @@ defmodule AlgoraWeb.Onboarding.DevLive do
8483
8584 { :ok ,
8685 socket
87- |> assign ( :secret_code , nil )
86+ |> assign ( :secret , nil )
8887 |> assign ( :step , Enum . at ( @ steps , 0 ) )
8988 |> assign ( :steps , @ steps )
9089 |> assign ( :total_steps , length ( @ steps ) )
@@ -162,41 +161,27 @@ defmodule AlgoraWeb.Onboarding.DevLive do
162161
163162 @ impl true
164163 def handle_event ( "send_signup_code" , % { "user" => % { "email" => email } } , socket ) do
165- code = Nanoid . generate ( )
164+ { secret , code } = AlgoraWeb.UserAuth . generate_totp ( )
166165
167166 changeset = User . signup_changeset ( % User { } , % { } )
168167
169- case send_signup_code_to_email ( email , code ) do
168+ case Algora.Accounts . deliver_totp_signup_email ( email , code ) do
170169 { :ok , _id } ->
171170 { :noreply ,
172171 socket
173- |> LocalStore . assign_cached ( :secret_code , code )
172+ |> LocalStore . assign_cached ( :secret , secret )
174173 |> LocalStore . assign_cached ( :email , email )
175174 |> assign ( :signup_form , to_form ( changeset ) ) }
176175
177- { :error , _reason } ->
178- # capture_error reason
179- { :noreply ,
180- put_flash (
181- socket ,
182- :error ,
183- "We had trouble sending mail to #{ email }
184- ) }
176+ { :error , reason } ->
177+ Logger . error ( "Failed to send signup code to #{ email } #{ inspect ( reason ) } )
178+ { :noreply , put_flash ( socket , :error , "We had trouble sending mail to #{ email } ) }
185179 end
186-
187- # case Algora.Accounts.get_user_by_email(email) do
188- # %User{} = user ->
189- # {:noreply, socket}
190-
191- # nil ->
192- # throttle()
193- # {:noreply, put_flash(socket, :error, "Email address not found.")}
194- # end
195180 end
196181
197182 @ impl true
198183 def handle_event ( "send_signup_code" , % { "user" => % { "signup_code" => code } } , socket ) do
199- if Plug.Crypto . secure_compare ( String . trim ( code ) , socket . assigns . secret_code ) do
184+ if AlgoraWeb.UserAuth . valid_totp? ( socket . assigns . secret , String . trim ( code ) ) do
200185 user_handle =
201186 socket . assigns . email
202187 |> String . replace ( ~r/ [^a-zA-Z0-9]/ , "-" )
@@ -368,11 +353,11 @@ defmodule AlgoraWeb.Onboarding.DevLive do
368353 </ p >
369354
370355 < div class = "mt-8 " >
371- < . button :if = { ! @ secret_code } phx-click = "sign_in_with_github " class = "w-full py-5 " >
356+ < . button :if = { ! @ secret } phx-click = "sign_in_with_github " class = "w-full py-5 " >
372357 < Logos . github class = "size-5 mr-2 -ml-1 shrink-0 " /> Continue with GitHub
373358 </ . button >
374359
375- < div :if = { ! @ secret_code } class = "relative mt-6 " >
360+ < div :if = { ! @ secret } class = "relative mt-6 " >
376361 < div class = "absolute inset-0 flex items-center " aria-hidden = "true " >
377362 < div class = "w-full border-t border-muted-foreground/50 " > </ div >
378363 </ div >
@@ -383,7 +368,7 @@ defmodule AlgoraWeb.Onboarding.DevLive do
383368
384369 < div class = "mt-4 " >
385370 < . simple_form
386- :if = { ! @ secret_code }
371+ :if = { ! @ secret }
387372 for = { @ signup_form }
388373 id = "send_signup_code_form "
389374 phx-submit = "send_signup_code "
@@ -404,7 +389,7 @@ defmodule AlgoraWeb.Onboarding.DevLive do
404389 </ div >
405390
406391 < . simple_form
407- :if = { @ secret_code }
392+ :if = { @ secret }
408393 for = { @ signup_form }
409394 id = "send_signup_code_form "
410395 phx-submit = "send_signup_code "
@@ -484,30 +469,4 @@ defmodule AlgoraWeb.Onboarding.DevLive do
484469 <% end %>
485470 """
486471 end
487-
488- @ from_name "Algora"
489- 490-
491- defp send_signup_code_to_email ( email , code ) do
492- email =
493- Email . new ( )
494- |> Email . to ( email )
495- |> Email . from ( { @ from_name , @ from_email } )
496- |> Email . subject ( "Signup code for Algora" )
497- |> Email . text_body ( """
498- Here is your signup code for Algora!
499-
500- #{ code }
501-
502- If you didn't request this link, you can safely ignore this email.
503-
504- --------------------------------------------------------------------------------
505-
506- For correspondence, please email the Algora founders at [email protected] and [email protected] 507-
508- © 2025 Algora PBC.
509- """ )
510-
511- Algora.Mailer . deliver ( email )
512- end
513472end
0 commit comments