155 lines
4.9 KiB
Elixir
155 lines
4.9 KiB
Elixir
defmodule Core.Accounts.User do
|
|
@moduledoc false
|
|
import Ecto.Changeset
|
|
|
|
@doc """
|
|
A user changeset for registration.
|
|
|
|
It is important to validate the length of both username and password.
|
|
Otherwise databases may truncate the username without warnings, which
|
|
could lead to unpredictable or insecure behaviour. Long passwords may
|
|
also be very expensive to hash for certain algorithms.
|
|
|
|
## Options
|
|
|
|
* `:hash_password` - Hashes the password so it can be stored securely
|
|
in the database and ensures the password field is cleared to prevent
|
|
leaks in the logs. If password hashing is not needed and clearing the
|
|
password field is not desired (like when using this changeset for
|
|
validations on a LiveView form), this option can be set to `false`.
|
|
Defaults to `true`.
|
|
|
|
* `:validate_username` - Validates the uniqueness of the username, in case
|
|
you don't want to validate the uniqueness of the username (like when
|
|
using this changeset for validations on a LiveView form before
|
|
submitting the form), this option can be set to `false`.
|
|
Defaults to `true`.
|
|
"""
|
|
def registration_changeset(user, attrs, opts \\ []) do
|
|
user
|
|
|> cast(attrs, [:username, :password])
|
|
|> validate_username(opts)
|
|
|> validate_password(opts)
|
|
end
|
|
|
|
defp validate_username(changeset, opts) do
|
|
changeset
|
|
|> validate_required([:username])
|
|
|> validate_length(:username, max: 160)
|
|
|> maybe_validate_unique_username(opts)
|
|
end
|
|
|
|
defp validate_password(changeset, opts) do
|
|
changeset
|
|
|> validate_required([:password])
|
|
|> validate_length(:password, min: 12, max: 72)
|
|
# Examples of additional password validation:
|
|
# |> validate_format(:password, ~r/[a-z]/, message: "at least one lower case character")
|
|
# |> validate_format(:password, ~r/[A-Z]/, message: "at least one upper case character")
|
|
# |> validate_format(:password, ~r/[!?@#$%^&*_0-9]/, message: "at least one digit or punctuation character")
|
|
|> maybe_hash_password(opts)
|
|
end
|
|
|
|
defp maybe_hash_password(changeset, opts) do
|
|
hash_password? = Keyword.get(opts, :hash_password, true)
|
|
password = get_change(changeset, :password)
|
|
|
|
if hash_password? && password && changeset.valid? do
|
|
changeset
|
|
# Hashing could be done with `Ecto.Changeset.prepare_changes/2`, but that
|
|
# would keep the database transaction open longer and hurt performance.
|
|
|> put_change(:hashed_password, Argon2.hash_pwd_salt(password))
|
|
|> delete_change(:password)
|
|
else
|
|
changeset
|
|
end
|
|
end
|
|
|
|
defp maybe_validate_unique_username(changeset, opts) do
|
|
if Keyword.get(opts, :validate_username, true) do
|
|
changeset
|
|
|> unsafe_validate_unique(:username, Core.Repo)
|
|
|> unique_constraint(:username)
|
|
else
|
|
changeset
|
|
end
|
|
end
|
|
|
|
@doc """
|
|
A user changeset for changing the username.
|
|
|
|
It requires the username to change otherwise an error is added.
|
|
"""
|
|
def username_changeset(user, attrs, opts \\ []) do
|
|
user
|
|
|> cast(attrs, [:username])
|
|
|> validate_username(opts)
|
|
|> case do
|
|
%{changes: %{username: _}} = changeset -> changeset
|
|
%{} = changeset -> add_error(changeset, :username, "did not change")
|
|
end
|
|
end
|
|
|
|
@doc """
|
|
A user changeset for changing the password.
|
|
|
|
## Options
|
|
|
|
* `:hash_password` - Hashes the password so it can be stored securely
|
|
in the database and ensures the password field is cleared to prevent
|
|
leaks in the logs. If password hashing is not needed and clearing the
|
|
password field is not desired (like when using this changeset for
|
|
validations on a LiveView form), this option can be set to `false`.
|
|
Defaults to `true`.
|
|
"""
|
|
def password_changeset(user, attrs, opts \\ []) do
|
|
user
|
|
|> cast(attrs, [:password])
|
|
|> validate_confirmation(:password, message: "does not match password")
|
|
|> validate_password(opts)
|
|
end
|
|
|
|
@doc """
|
|
Verifies the password.
|
|
|
|
If there is no user or the user doesn't have a password, we call
|
|
`Argon2.no_user_verify/0` to avoid timing attacks.
|
|
"""
|
|
def valid_password?(%Schema.User{hashed_password: hashed_password}, password)
|
|
when is_binary(hashed_password) and byte_size(password) > 0 do
|
|
Argon2.verify_pass(password, hashed_password)
|
|
end
|
|
|
|
def valid_password?(_, _) do
|
|
Argon2.no_user_verify()
|
|
false
|
|
end
|
|
|
|
@doc """
|
|
Validates the current password otherwise adds an error to the changeset.
|
|
"""
|
|
def validate_current_password(changeset, password) do
|
|
changeset = cast(changeset, %{current_password: password}, [:current_password])
|
|
|
|
if valid_password?(changeset.data, password) do
|
|
changeset
|
|
else
|
|
add_error(changeset, :current_password, "is not valid")
|
|
end
|
|
end
|
|
|
|
defmodule Query do
|
|
@moduledoc false
|
|
import Ecto.Query
|
|
|
|
def base do
|
|
from _ in Schema.User, as: :users
|
|
end
|
|
|
|
def has_users_query(query \\ base()) do
|
|
query
|
|
|> limit(1)
|
|
|> select([users: _], true)
|
|
end
|
|
end
|
|
end
|