Haytni v0.6.1 Haytni.RecoverablePlugin
This plugin allows users to reset their password if they have forgotten it. To do so, the user is asked for their email address (default), then a unique token is generated and sent to their mailbox. That email contains a link leading to a form where a new password is requested to replace the previous one.
Fields:
- reset_password_token (string, nullable, unique, default: NULL): the unique token to reinitialize the password (NULL if none)
- reset_password_sent_at (datetime@utc, nullable, default: NULL): when the reinitialization token was generated (also NULL if there is no pending request)
Configuration:
- reset_token_length (default: 32): the length of the generated token
- reset_password_within (default: {6, :hour}): the delay before the token expires
- reset_password_keys (default: ~W[email]a): the field(s) to be matched to send a reinitialization token

    stack Haytni.RecoverablePlugin, reset_token_length: 32, reset_password_keys: ~W[email]a, reset_password_within: {6, :hour}

Routes:
- haytni_<scope>_password_path (actions: new/create, edit/update): default path is "/password" but you can customize it to whatever you want by specifying the option :password_path to your YourApp.Haytni.routes/1 call in your router (eg: YourApp.Haytni.routes(password_path: "/recover"))
Functions
Specs
expired_token_message() :: String.t()
The translated string to display when a password recovery token exists but is expired
Callback implementation for Haytni.Plugin.find_user/3.
Callback implementation for Haytni.Plugin.invalid?/2.
Specs
invalid_token_message() :: String.t()
The translated string to display when a password recovery token is invalid (i.e. not associated with anyone)
Specs
The (database) attributes as a keyword-list to redefine the password (after hashing) and void previous password recovery token
Callback implementation for Haytni.Plugin.on_email_change/4.
Callback implementation for Haytni.Plugin.on_failed_authentication/5.
Callback implementation for Haytni.Plugin.on_logout/2.
Callback implementation for Haytni.Plugin.on_registration/3.
Callback implementation for Haytni.Plugin.on_successful_authentication/5.
Specs
recover(
  module :: module(),
  config :: Haytni.RecoverablePlugin.Config.t(),
  password_params :: %{required(String.t()) => String.t()}
) :: {:ok, Haytni.user()} | {:error, Ecto.Changeset.t()}
Change a user's password using their recovery token.
Returns {:ok, user} if successful, else {:error, changeset} when the token:
- is empty
- doesn't exist
- is expired
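
The three rejection cases above, sketched over in-memory rows as an added example (not Haytni's own code). TokenCheck, classify/4, the reason atoms, the sample rows and the unit table are hypothetical; the field names and the {6, :hour} delay are the ones documented on this page.

```elixir
defmodule TokenCheck do
  # Assumed unit table; the page only shows :hour.
  @seconds %{second: 1, minute: 60, hour: 3600, day: 86_400}

  # Converts a {count, unit} delay such as {6, :hour} to seconds.
  def to_seconds({count, unit}), do: count * Map.fetch!(@seconds, unit)

  # Rejected before any lookup: accounts with no pending request store NULL,
  # so an empty token must never be used as a search key.
  def classify(token, _users, _within, _now) when token in [nil, ""], do: {:error, :empty}

  # `users` stands in for a lookup on the unique reset_password_token column.
  def classify(token, users, within, now) do
    case Enum.find(users, &(&1.reset_password_token == token)) do
      nil ->
        {:error, :invalid}

      user ->
        # Assumption: a token aged exactly `within` is still accepted.
        age = DateTime.diff(now, user.reset_password_sent_at)
        if age > to_seconds(within), do: {:error, :expired}, else: {:ok, user}
    end
  end
end

# Constructed sample data.
now = ~U[2024-01-01 12:00:00Z]
within = {6, :hour}

users = [
  %{id: 1, reset_password_token: "tok-fresh", reset_password_sent_at: ~U[2024-01-01 07:00:00Z]},
  %{id: 2, reset_password_token: "tok-stale", reset_password_sent_at: ~U[2024-01-01 05:59:59Z]},
  %{id: 3, reset_password_token: nil, reset_password_sent_at: nil}
]

{:ok, %{id: 1}} = TokenCheck.classify("tok-fresh", users, within, now)
{:error, :expired} = TokenCheck.classify("tok-stale", users, within, now)
{:error, :invalid} = TokenCheck.classify("tok-unknown", users, within, now)
{:error, :empty} = TokenCheck.classify(nil, users, within, now)
{:error, :empty} = TokenCheck.classify("", users, within, now)
```

Without the first clause, a nil token would match user 3, which has no pending request at all.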
Specs
recovering_changeset(
  config :: Haytni.RecoverablePlugin.Config.t(),
  request_params :: %{optional(String.t()) => String.t()}
) :: Ecto.Changeset.t()
Converts the parameters received by the controller from which users can start the password recovery procedure by requesting a recovery token into an %Ecto.Changeset{}.
Specs
reset_password_attributes(config :: Haytni.RecoverablePlugin.Config.t()) :: Keyword.t()
The (database) attributes as a keyword-list to generate a new password recovery token
Specs
send_reset_password_instructions(
  module :: module(),
  config :: Haytni.RecoverablePlugin.Config.t(),
  request_params :: %{optional(String.t()) => String.t()}
) :: {:ok, nil | Haytni.user()} | {:error, Ecto.Changeset.t()}
Send instructions to reset user's password.
Returns {:error, changeset} if there is no account matching config.reset_password_keys, else {:ok, user}.
But in strict mode (config :haytni, mode: :strict) returned values are:
- {:error, changeset} if fields (form) were not filled
- {:ok, user} if successful
- {:ok, nil} if there is no account matching config.reset_password_keys
For the latter, the difference between the {:ok, user} and {:ok, nil} cases SHOULD NOT be tested, so as not to disclose to the end user whether an actual account matches or not!
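
One way to honour that rule in the calling code, as an added example that is not part of Haytni: the response is built without ever inspecting the value inside {:ok, _}. RecoveryResponse, the response maps and the three stub functions are hypothetical, and the plain map in the error stub stands in for an Ecto.Changeset; only the result shapes come from the strict-mode list above.

```elixir
defmodule RecoveryResponse do
  @notice "If an account matches, instructions to reset your password have been sent."

  # `send_fun` stands in for a call to
  # Haytni.RecoverablePlugin.send_reset_password_instructions/3.
  def handle(send_fun, request_params) do
    case send_fun.(request_params) do
      # One clause for {:ok, user} and {:ok, nil}: the value is never
      # inspected, so status, redirect target and message are identical.
      {:ok, _user_or_nil} ->
        %{status: 302, location: "/", flash: @notice}

      # In strict mode this only means the form was not filled in, which
      # says nothing about which accounts exist.
      {:error, changeset} ->
        %{status: 200, render: :new, changeset: changeset}
    end
  end
end

# Constructed stand-ins for the three strict-mode results.
known = fn %{"email" => _} -> {:ok, %{id: 1, email: "alice@example.test"}} end
unknown = fn %{"email" => _} -> {:ok, nil} end
blank = fn _ -> {:error, %{errors: [email: {"can't be blank", []}]}} end

hit = RecoveryResponse.handle(known, %{"email" => "alice@example.test"})
miss = RecoveryResponse.handle(unknown, %{"email" => "nobody@example.test"})
empty = RecoveryResponse.handle(blank, %{})

# A matching and a non-matching address must be indistinguishable.
true = hit == miss
IO.inspect(hit, label: "known address")
IO.inspect(miss, label: "unknown address")
IO.inspect(empty, label: "empty form")
```

In non-strict mode the function itself returns {:error, changeset} for an unknown account, so this uniform response is only achievable with mode: :strict.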
Callback implementation for Haytni.Plugin.validate_create_registration/2.
Callback implementation for Haytni.Plugin.validate_password/2.
Callback implementation for Haytni.Plugin.validate_update_registration/2.