212 lines
6.1 KiB
Elixir
Raw Normal View History

defmodule Mobilizon.Users.User do
@moduledoc """
2019-09-07 19:54:11 +02:00
Represents a local user.
"""
2019-09-07 19:54:11 +02:00
use Ecto.Schema
2019-09-07 19:54:11 +02:00
import Ecto.Changeset
2019-09-07 19:54:11 +02:00
alias Mobilizon.Actors.Actor
2019-09-07 19:54:11 +02:00
alias Mobilizon.Crypto
alias Mobilizon.Events.FeedToken
alias Mobilizon.Users.{Setting, UserRole}
alias Mobilizon.Web.Email.Checker
2019-09-07 19:54:11 +02:00
@type t :: %__MODULE__{
email: String.t(),
password_hash: String.t(),
password: String.t(),
role: UserRole.t(),
confirmed_at: DateTime.t(),
confirmation_sent_at: DateTime.t(),
confirmation_token: String.t(),
reset_password_sent_at: DateTime.t(),
reset_password_token: String.t(),
locale: String.t(),
2019-09-07 19:54:11 +02:00
default_actor: Actor.t(),
disabled: boolean(),
2019-09-07 19:54:11 +02:00
actors: [Actor.t()],
feed_tokens: [FeedToken.t()]
}
@required_attrs [:email]
@optional_attrs [
:role,
:password,
:password_hash,
:confirmed_at,
:confirmation_sent_at,
:confirmation_token,
:reset_password_sent_at,
:reset_password_token,
:default_actor_id,
:locale,
:unconfirmed_email,
:disabled,
:provider
2019-09-07 19:54:11 +02:00
]
@attrs @required_attrs ++ @optional_attrs
@registration_required_attrs @required_attrs ++ [:password]
2019-09-07 19:54:11 +02:00
@auth_provider_required_attrs @required_attrs ++ [:provider]
@password_change_required_attrs [:password]
@password_reset_required_attrs @password_change_required_attrs ++
[:reset_password_token, :reset_password_sent_at]
2019-09-07 19:54:11 +02:00
@confirmation_token_length 30
schema "users" do
field(:email, :string)
field(:password_hash, :string)
field(:password, :string, virtual: true)
2019-09-07 19:54:11 +02:00
field(:role, UserRole, default: :user)
field(:confirmed_at, :utc_datetime)
field(:confirmation_sent_at, :utc_datetime)
field(:confirmation_token, :string)
field(:reset_password_sent_at, :utc_datetime)
field(:reset_password_token, :string)
field(:unconfirmed_email, :string)
field(:locale, :string, default: "en")
field(:disabled, :boolean, default: false)
field(:provider, :string)
2019-09-07 19:54:11 +02:00
belongs_to(:default_actor, Actor)
has_many(:actors, Actor)
has_many(:feed_tokens, FeedToken, foreign_key: :user_id)
has_one(:settings, Setting)
timestamps()
end
@doc false
2019-09-13 01:55:45 +02:00
@spec changeset(t, map) :: Ecto.Changeset.t()
def changeset(%__MODULE__{} = user, attrs) do
changeset =
user
2019-09-07 19:54:11 +02:00
|> cast(attrs, @attrs)
|> validate_required(@required_attrs)
|> unique_constraint(:email, message: "This email is already used.")
|> Checker.validate_changeset()
|> validate_length(:password, min: 6, max: 200, message: "The chosen password is too short.")
if Map.has_key?(attrs, :default_actor) do
put_assoc(changeset, :default_actor, attrs.default_actor)
else
changeset
end
2017-12-09 14:58:37 +01:00
end
def delete_changeset(%__MODULE__{} = user) do
user
|> change()
|> put_change(:disabled, true)
|> put_change(:default_actor_id, nil)
end
2019-09-07 19:54:11 +02:00
@doc false
2019-09-13 01:55:45 +02:00
@spec registration_changeset(t, map) :: Ecto.Changeset.t()
def registration_changeset(%__MODULE__{} = user, attrs) do
2019-09-07 19:54:11 +02:00
user
|> changeset(attrs)
|> cast_assoc(:default_actor)
2019-09-07 19:54:11 +02:00
|> validate_required(@registration_required_attrs)
|> hash_password()
|> save_confirmation_token()
|> unique_constraint(
:confirmation_token,
message: "The registration token is already in use, this looks like an issue on our side."
)
end
@doc false
@spec auth_provider_changeset(t, map) :: Ecto.Changeset.t()
def auth_provider_changeset(%__MODULE__{} = user, attrs) do
user
|> changeset(attrs)
|> cast_assoc(:default_actor)
|> put_change(:confirmed_at, DateTime.utc_now() |> DateTime.truncate(:second))
|> validate_required(@auth_provider_required_attrs)
end
2019-09-07 19:54:11 +02:00
@doc false
2019-09-13 01:55:45 +02:00
@spec send_password_reset_changeset(t, map) :: Ecto.Changeset.t()
def send_password_reset_changeset(%__MODULE__{} = user, attrs) do
2019-09-07 19:54:11 +02:00
cast(user, attrs, [:reset_password_token, :reset_password_sent_at])
end
2019-09-07 19:54:11 +02:00
@doc false
2019-09-13 01:55:45 +02:00
@spec password_reset_changeset(t, map) :: Ecto.Changeset.t()
def password_reset_changeset(%__MODULE__{} = user, attrs) do
password_change_changeset(user, attrs, @password_reset_required_attrs)
end
@doc """
Changeset to change a password
It checks the minimum requirements for a password and hashes it.
"""
@spec password_change_changeset(t, map) :: Ecto.Changeset.t()
def password_change_changeset(
%__MODULE__{} = user,
attrs,
required_attrs \\ @password_change_required_attrs
) do
user
|> cast(attrs, required_attrs)
2019-09-07 19:54:11 +02:00
|> validate_length(:password,
min: 6,
max: 200,
message: "registration.error.password_too_short"
)
|> hash_password()
end
2019-09-07 19:54:11 +02:00
@doc """
Checks whether an user is confirmed.
2019-09-07 19:54:11 +02:00
"""
2019-09-13 01:55:45 +02:00
@spec is_confirmed(t) :: boolean
def is_confirmed(%__MODULE__{confirmed_at: nil}), do: false
def is_confirmed(%__MODULE__{}), do: true
2019-09-07 19:54:11 +02:00
@doc """
Returns whether an user owns an actor.
"""
2019-09-13 01:55:45 +02:00
@spec owns_actor(t, integer | String.t()) :: {:is_owned, Actor.t() | nil}
def owns_actor(%__MODULE__{actors: actors}, actor_id) do
2019-09-07 19:54:11 +02:00
user_actor = Enum.find(actors, fn actor -> "#{actor.id}" == "#{actor_id}" end)
{:is_owned, user_actor}
end
@spec save_confirmation_token(Ecto.Changeset.t()) :: Ecto.Changeset.t()
defp save_confirmation_token(
%Ecto.Changeset{valid?: true, changes: %{email: _email}} = changeset
) do
case fetch_change(changeset, :confirmed_at) do
:error ->
2019-09-07 19:54:11 +02:00
changeset
|> put_change(:confirmation_token, Crypto.random_string(@confirmation_token_length))
|> put_change(:confirmation_sent_at, DateTime.utc_now() |> DateTime.truncate(:second))
_ ->
changeset
end
end
defp save_confirmation_token(%Ecto.Changeset{} = changeset), do: changeset
2019-09-07 19:54:11 +02:00
@spec hash_password(Ecto.Changeset.t()) :: Ecto.Changeset.t()
defp hash_password(%Ecto.Changeset{} = changeset) do
2017-12-09 14:58:37 +01:00
case changeset do
%Ecto.Changeset{valid?: true, changes: %{password: password}} ->
2019-09-07 19:54:11 +02:00
put_change(changeset, :password_hash, Argon2.hash_pwd_salt(password))
2017-12-09 14:58:37 +01:00
_ ->
changeset
end
end
end