meta/lib/recycledcloud/accounts.ex

405 lines
10 KiB
Elixir

defmodule RecycledCloud.Accounts do
@moduledoc """
The Accounts context.
"""
import Ecto.Query, warn: false
alias RecycledCloud.Repo
alias RecycledCloud.Accounts.{User, Key, UserToken, UserNotifier}
alias RecycledCloud.LDAP
## Database getters
@doc """
Gets a user by username.
## Examples
iex> get_user_by_username("foo")
%User{}
iex> get_user_by_username("unknown")
nil
"""
def get_user_by_username(username) when is_binary(username) do
User.get_by_username(username)
end
@doc """
Gets a user by username and password.
## Examples
iex> get_user_by_username_and_password("foo", "correct_password")
%User{}
iex> get_user_by_username_and_password("foo", "invalid_password")
nil
"""
def get_user_by_username_and_password(username, password)
when is_binary(username) and is_binary(password) do
user = get_user_by_username(username)
if User.valid_password?(user, password), do: user
end
@doc """
Gets a single user.
Raises `Ecto.NoResultsError` if the User does not exist.
## Examples
iex> get_user!(123)
%User{}
iex> get_user!(456)
** (Ecto.NoResultsError)
"""
def get_user!(id), do: User.get!(id)
## User registration
@doc """
Insert an user in local database.
## Examples
iex> insert_user(%{field: value})
{:ok, %User{}}
iex> insert_user(%{field: bad_value})
{:error, %Ecto.Changeset{}}
"""
def insert_user(attrs) do
%User{}
|> User.insertion_changeset(attrs)
|> Repo.insert()
end
@doc """
Register an user in LDAP backend and insert in local database.
"""
def register_user(attrs) do
changeset = %User{} |> User.registration_changeset(attrs)
case Ecto.Changeset.apply_action(changeset, :update) do
{:ok, user} ->
case User.register(user) do
{:ok, result} -> {:ok, result}
{:error, :entryAlreadyExists} ->
{
:error,
Ecto.Changeset.add_error(
changeset, :username, "has already been taken"
)
}
end
err -> err
end
end
@doc """
Returns an `%Ecto.Changeset{}` for tracking user changes.
## Examples
iex> change_user_registration(user)
%Ecto.Changeset{data: %User{}}
"""
def change_user_registration(%User{} = user, attrs \\ %{}) do
User.registration_changeset(user, attrs)
end
## Settings
@doc """
Returns an `%Ecto.Changeset{}` for changing the user email.
## Examples
iex> change_user_email(user)
%Ecto.Changeset{data: %User{}}
"""
def change_user_email(user, attrs \\ %{}) do
User.email_changeset(user, attrs)
end
@doc """
Emulates that the email will change without actually changing
it in the database.
## Examples
iex> apply_user_email(user, "valid password", %{email: ...})
{:ok, %User{}}
iex> apply_user_email(user, "invalid password", %{email: ...})
{:error, %Ecto.Changeset{}}
"""
def apply_user_email(user, password, attrs) do
user
|> User.email_changeset(attrs)
|> User.validate_current_password(password)
|> Ecto.Changeset.apply_action(:update)
end
@doc """
Updates the user email using the given token.
If the token matches, the user email is updated and the token is deleted.
The confirmed_at date is also updated to the current time.
"""
def update_user_email(user, token) do
context = "change:#{user.email}"
with {:ok, query} <- UserToken.verify_change_email_token_query(token, context),
%UserToken{sent_to: email} <- Repo.one(query),
{:ok, _} <- Repo.transaction(user_email_multi(user, email, context)),
:ok <- User.set_email(user, email) do
:ok
else
err -> :error
end
end
defp user_email_multi(user, email, context) do
changeset = user
|> User.email_changeset(%{email: email})
|> User.confirm_changeset()
# Delete existing tokens.
Ecto.Multi.new()
|> Ecto.Multi.update(:user, changeset)
|> Ecto.Multi.delete_all(:tokens, UserToken.user_and_contexts_query(user, [context]))
end
@doc """
Delivers the update email instructions to the given user.
## Examples
iex> deliver_update_email_instructions(user, current_email, &Routes.user_update_email_url(conn, :edit, &1))
{:ok, %{to: ..., body: ...}}
"""
def deliver_update_email_instructions(%User{} = user, current_email, update_email_url_fun)
when is_function(update_email_url_fun, 1) do
{encoded_token, user_token} = UserToken.build_email_token(user, "change:#{current_email}")
Repo.insert!(user_token)
UserNotifier.deliver_update_email_instructions(user, update_email_url_fun.(encoded_token))
end
@doc """
Returns an `%Ecto.Changeset{}` for changing the user password.
## Examples
iex> change_user_password(user)
%Ecto.Changeset{data: %User{}}
"""
def change_user_password(user, attrs \\ %{}) do
User.password_changeset(user, attrs)
end
defp set_user_password(user, changeset, new_password) do
case Ecto.Changeset.apply_action(changeset, :update) do
{:ok, _} ->
case User.set_password(user, new_password) do
:ok ->
Repo.delete_all(UserToken.user_and_contexts_query(user, :all))
{:ok, user}
{:error, err} ->
changeset_errors = [current_password: {"Unknown error: #{err}", [err: inspect(err)]}]
updated_changeset = changeset
|> Map.put(:action, :update)
|> Map.put(:errors, changeset_errors)
{:error, updated_changeset}
end
err ->
err
end
end
@doc """
Updates the user password.
## Examples
iex> update_user_password(user, "valid password", %{password: ...})
{:ok, %User{}}
iex> update_user_password(user, "invalid password", %{password: ...})
{:error, %Ecto.Changeset{}}
"""
def update_user_password(user, current_password, attrs) do
changeset = user
|> User.password_changeset(attrs)
|> User.validate_current_password(current_password)
set_user_password(user, changeset, attrs[:password])
end
## Session
@doc """
Generates a session token.
"""
def generate_user_session_token(user) do
{token, user_token} = UserToken.build_session_token(user)
Repo.insert!(user_token)
token
end
@doc """
Gets the user with the given signed token.
"""
def get_user_by_session_token(token) do
{:ok, query} = UserToken.verify_session_token_query(token)
Repo.one(query) |> User.maybe_populate_ldap_attributes()
end
@doc """
Deletes the signed token with the given context.
"""
def delete_session_token(token) do
Repo.delete_all(UserToken.token_and_context_query(token, "session"))
:ok
end
## Confirmation
@doc """
Delivers the confirmation email instructions to the given user.
## Examples
iex> deliver_user_confirmation_instructions(user, &Routes.user_confirmation_url(conn, :confirm, &1))
{:ok, %{to: ..., body: ...}}
iex> deliver_user_confirmation_instructions(confirmed_user, &Routes.user_confirmation_url(conn, :confirm, &1))
{:error, :already_confirmed}
"""
def deliver_user_confirmation_instructions(%User{} = user, confirmation_url_fun)
when is_function(confirmation_url_fun, 1) do
if user.confirmed_at do
{:error, :already_confirmed}
else
{encoded_token, user_token} = UserToken.build_email_token(user, "confirm")
Repo.insert!(user_token)
UserNotifier.deliver_confirmation_instructions(user, confirmation_url_fun.(encoded_token))
end
end
@doc """
Confirms a user by the given token.
If the token matches, the user account is marked as confirmed
and the token is deleted.
"""
def confirm_user(token) do
with {:ok, query} <- UserToken.verify_email_token_query(token, "confirm"),
%User{} = user <- Repo.one(query),
{:ok, %{user: user}} <- Repo.transaction(confirm_user_multi(user)) do
{:ok, user}
else
_ -> :error
end
end
defp confirm_user_multi(user) do
Ecto.Multi.new()
|> Ecto.Multi.update(:user, User.confirm_changeset(user))
|> Ecto.Multi.delete_all(:tokens, UserToken.user_and_contexts_query(user, ["confirm"]))
end
## Reset password
@doc """
Delivers the reset password email to the given user.
## Examples
iex> deliver_user_reset_password_instructions(user, &Routes.user_reset_password_url(conn, :edit, &1))
{:ok, %{to: ..., body: ...}}
"""
def deliver_user_reset_password_instructions(%User{} = user, reset_password_url_fun)
when is_function(reset_password_url_fun, 1) do
{encoded_token, user_token} = UserToken.build_email_token(user, "reset_password")
Repo.insert!(user_token)
UserNotifier.deliver_reset_password_instructions(user, reset_password_url_fun.(encoded_token))
end
@doc """
Gets the user by reset password token.
## Examples
iex> get_user_by_reset_password_token("validtoken")
%User{}
iex> get_user_by_reset_password_token("invalidtoken")
nil
"""
def get_user_by_reset_password_token(token) do
with {:ok, query} <- UserToken.verify_email_token_query(token, "reset_password"),
%User{} = user <- Repo.one(query) do
user
else
_ -> nil
end
end
@doc """
Resets the user password.
## Examples
iex> reset_user_password(user, %{password: "new long password", password_confirmation: "new long password"})
{:ok, %User{}}
iex> reset_user_password(user, %{password: "valid", password_confirmation: "not the same"})
{:error, %Ecto.Changeset{}}
"""
def reset_user_password(user, attrs) do
changeset = user
|> User.password_changeset(attrs)
set_user_password(user, changeset, attrs[:password])
end
## Keys
def get_key!(id), do: Repo.get!(Key, id)
def get_keys_for(%User{} = user) do
Repo.preload(user, :keys).keys
end
def change_user_key(user, attrs \\ %{}) do
Key.changeset(user, attrs)
end
def add_key(%User{} = user, value, comment \\ nil) do
%Key{}
|> Key.changeset(%{value: value, comment: comment})
|> Ecto.Changeset.put_assoc(:user, user)
|> Repo.insert()
end
def remove_key!(%Key{} = key) do
Repo.delete!(key)
end
end