cleanup user and user token models

This commit is contained in:
shibao 2021-09-10 00:22:05 -04:00 committed by oliviasculley
parent c28b243358
commit 8fb87a4fda
2 changed files with 43 additions and 8 deletions

View File

@ -1,6 +1,7 @@
defmodule Cannery.Accounts.User do defmodule Cannery.Accounts.User do
use Ecto.Schema use Ecto.Schema
import Ecto.Changeset import Ecto.Changeset
alias Cannery.Accounts.{User}
@derive {Inspect, except: [:password]} @derive {Inspect, except: [:password]}
@primary_key {:id, :binary_id, autogenerate: true} @primary_key {:id, :binary_id, autogenerate: true}
@ -10,10 +11,23 @@ defmodule Cannery.Accounts.User do
field :password, :string, virtual: true field :password, :string, virtual: true
field :hashed_password, :string field :hashed_password, :string
field :confirmed_at, :naive_datetime field :confirmed_at, :naive_datetime
field :role, Ecto.Enum, values: [:admin, :user], default: :user
timestamps() timestamps()
end end
@type t :: %{
id: Ecto.UUID.t(),
email: String.t(),
password: String.t(),
hashed_password: String.t(),
confirmed_at: NaiveDateTime.t(),
role: atom(),
invites: [Invite.t()],
inserted_at: NaiveDateTime.t(),
updated_at: NaiveDateTime.t()
}
@doc """ @doc """
A user changeset for registration. A user changeset for registration.
@ -31,13 +45,25 @@ defmodule Cannery.Accounts.User do
validations on a LiveView form), this option can be set to `false`. validations on a LiveView form), this option can be set to `false`.
Defaults to `true`. Defaults to `true`.
""" """
@spec registration_changeset(User.t(), map()) :: Ecto.Changeset.t()
@spec registration_changeset(User.t(), map(), keyword()) :: Ecto.Changeset.t()
def registration_changeset(user, attrs, opts \\ []) do def registration_changeset(user, attrs, opts \\ []) do
user user
|> cast(attrs, [:email, :password]) |> cast(attrs, [:email, :password, :role])
|> validate_email() |> validate_email()
|> validate_password(opts) |> validate_password(opts)
end end
@doc """
A user changeset for role.
"""
@spec role_changeset(User.t(), atom()) :: Ecto.Changeset.t()
def role_changeset(user, role) do
user |> cast(%{"role" => role}, [:role])
end
@spec validate_email(Ecto.Changeset.t()) :: Ecto.Changeset.t()
defp validate_email(changeset) do defp validate_email(changeset) do
changeset changeset
|> validate_required([:email]) |> validate_required([:email])
@ -47,6 +73,7 @@ defmodule Cannery.Accounts.User do
|> unique_constraint(:email) |> unique_constraint(:email)
end end
@spec validate_password(Ecto.Changeset.t(), keyword()) :: Ecto.Changeset.t()
defp validate_password(changeset, opts) do defp validate_password(changeset, opts) do
changeset changeset
|> validate_required([:password]) |> validate_required([:password])
@ -57,6 +84,7 @@ defmodule Cannery.Accounts.User do
|> maybe_hash_password(opts) |> maybe_hash_password(opts)
end end
@spec maybe_hash_password(Ecto.Changeset.t(), keyword()) :: Ecto.Changeset.t()
defp maybe_hash_password(changeset, opts) do defp maybe_hash_password(changeset, opts) do
hash_password? = Keyword.get(opts, :hash_password, true) hash_password? = Keyword.get(opts, :hash_password, true)
password = get_change(changeset, :password) password = get_change(changeset, :password)
@ -75,6 +103,7 @@ defmodule Cannery.Accounts.User do
It requires the email to change otherwise an error is added. It requires the email to change otherwise an error is added.
""" """
@spec email_changeset(User.t(), map()) :: Ecto.Changeset.t()
def email_changeset(user, attrs) do def email_changeset(user, attrs) do
user user
|> cast(attrs, [:email]) |> cast(attrs, [:email])
@ -97,6 +126,8 @@ defmodule Cannery.Accounts.User do
validations on a LiveView form), this option can be set to `false`. validations on a LiveView form), this option can be set to `false`.
Defaults to `true`. Defaults to `true`.
""" """
@spec password_changeset(User.t(), map()) :: Ecto.Changeset.t()
@spec password_changeset(User.t(), map(), keyword()) :: Ecto.Changeset.t()
def password_changeset(user, attrs, opts \\ []) do def password_changeset(user, attrs, opts \\ []) do
user user
|> cast(attrs, [:password]) |> cast(attrs, [:password])
@ -107,6 +138,7 @@ defmodule Cannery.Accounts.User do
@doc """ @doc """
Confirms the account by setting `confirmed_at`. Confirms the account by setting `confirmed_at`.
""" """
@spec confirm_changeset(User.t()) :: Ecto.Changeset.t()
def confirm_changeset(user) do def confirm_changeset(user) do
now = NaiveDateTime.utc_now() |> NaiveDateTime.truncate(:second) now = NaiveDateTime.utc_now() |> NaiveDateTime.truncate(:second)
change(user, confirmed_at: now) change(user, confirmed_at: now)
@ -118,7 +150,8 @@ defmodule Cannery.Accounts.User do
If there is no user or the user doesn't have a password, we call If there is no user or the user doesn't have a password, we call
`Bcrypt.no_user_verify/0` to avoid timing attacks. `Bcrypt.no_user_verify/0` to avoid timing attacks.
""" """
def valid_password?(%Cannery.Accounts.User{hashed_password: hashed_password}, password) @spec valid_password?(User.t(), String.t()) :: boolean()
def valid_password?(%User{hashed_password: hashed_password}, password)
when is_binary(hashed_password) and byte_size(password) > 0 do when is_binary(hashed_password) and byte_size(password) > 0 do
Bcrypt.verify_pass(password, hashed_password) Bcrypt.verify_pass(password, hashed_password)
end end
@ -131,6 +164,7 @@ defmodule Cannery.Accounts.User do
@doc """ @doc """
Validates the current password otherwise adds an error to the changeset. Validates the current password otherwise adds an error to the changeset.
""" """
@spec validate_current_password(Ecto.Changeset.t(), String.t()) :: Ecto.UUID.t()
def validate_current_password(changeset, password) do def validate_current_password(changeset, password) do
if valid_password?(changeset.data, password) do if valid_password?(changeset.data, password) do
changeset changeset

View File

@ -1,6 +1,7 @@
defmodule Cannery.Accounts.UserToken do defmodule Cannery.Accounts.UserToken do
use Ecto.Schema use Ecto.Schema
import Ecto.Query import Ecto.Query
alias Cannery.{Accounts}
@hash_algorithm :sha256 @hash_algorithm :sha256
@rand_size 32 @rand_size 32
@ -18,7 +19,7 @@ defmodule Cannery.Accounts.UserToken do
field :token, :binary field :token, :binary
field :context, :string field :context, :string
field :sent_to, :string field :sent_to, :string
belongs_to :user, Cannery.Accounts.User belongs_to :user, Accounts.User
timestamps(updated_at: false) timestamps(updated_at: false)
end end
@ -30,7 +31,7 @@ defmodule Cannery.Accounts.UserToken do
""" """
def build_session_token(user) do def build_session_token(user) do
token = :crypto.strong_rand_bytes(@rand_size) token = :crypto.strong_rand_bytes(@rand_size)
{token, %Cannery.Accounts.UserToken{token: token, context: "session", user_id: user.id}} {token, %Accounts.UserToken{token: token, context: "session", user_id: user.id}}
end end
@doc """ @doc """
@ -65,7 +66,7 @@ defmodule Cannery.Accounts.UserToken do
hashed_token = :crypto.hash(@hash_algorithm, token) hashed_token = :crypto.hash(@hash_algorithm, token)
{Base.url_encode64(token, padding: false), {Base.url_encode64(token, padding: false),
%Cannery.Accounts.UserToken{ %Accounts.UserToken{
token: hashed_token, token: hashed_token,
context: context, context: context,
sent_to: sent_to, sent_to: sent_to,
@ -125,17 +126,17 @@ defmodule Cannery.Accounts.UserToken do
Returns the given token with the given context. Returns the given token with the given context.
""" """
def token_and_context_query(token, context) do def token_and_context_query(token, context) do
from Cannery.Accounts.UserToken, where: [token: ^token, context: ^context] from Accounts.UserToken, where: [token: ^token, context: ^context]
end end
@doc """ @doc """
Gets all tokens for the given user for the given contexts. Gets all tokens for the given user for the given contexts.
""" """
def user_and_contexts_query(user, :all) do def user_and_contexts_query(user, :all) do
from t in Cannery.Accounts.UserToken, where: t.user_id == ^user.id from t in Accounts.UserToken, where: t.user_id == ^user.id
end end
def user_and_contexts_query(user, [_ | _] = contexts) do def user_and_contexts_query(user, [_ | _] = contexts) do
from t in Cannery.Accounts.UserToken, where: t.user_id == ^user.id and t.context in ^contexts from t in Accounts.UserToken, where: t.user_id == ^user.id and t.context in ^contexts
end end
end end