- |> assign(:user, verified_user)
- |> put_session(:user_id, verified_user.id)
- else
- _ -> conn |> halt_or_continue(opts)
- end
- end
-
- # Short-circuit if we have a cookie with the id for the given user.
- defp verify(%{id: id} = user, _password, id) do
- {:ok, user}
- end
-
- defp verify(nil, _password, _user_id) do
- Pbkdf2.dummy_checkpw
- :error
- end
-
- defp verify(user, password, _user_id) do
- if Pbkdf2.checkpw(password, user.password_hash) do
- {:ok, user}