Haytni.RecoverablePlugin (Haytni v0.6.3)

This plugin allows users to reset their password if they have forgotten it. To do so, they are asked for their email address (default), then a unique token is generated and sent to their mailbox. This email contains a link to follow, where a new password will be requested to replace the previous one.

Fields:

  • reset_password_token (string, nullable, unique, default: NULL): the unique token to reinitialize the password (NULL if none)
  • reset_password_sent_at (datetime@utc, nullable, default: NULL): when the reinitialization token was generated (also NULL if there is no pending request)

Configuration:

  • reset_token_length (default: 32): the length of the generated token

  • reset_password_within (default: {6, :hour}): the delay before the token expires

  • reset_password_keys (default: [:email]): the field(s) to be matched to send a reinitialization token

    stack Haytni.RecoverablePlugin,
      reset_token_length: 32,
      reset_password_keys: [:email],
      reset_password_within: {6, :hour}

Routes:

  • haytni_<scope>_password_path (actions: new/create, edit/update): default path is "/password" but you can customize it to whatever you want by specifying the option :password_path to your YourApp.Haytni.routes/1 call in your router (eg: YourApp.Haytni.routes(password_path: "/recover"))

Functions

Specs

expired_token_message() :: String.t()

The translated string to display when a password recovery token exists but is expired

find_user(conn, module, config)

Callback implementation for Haytni.Plugin.find_user/3.

invalid?(user, module, config)

Callback implementation for Haytni.Plugin.invalid?/3.

Specs

invalid_token_message() :: String.t()

The translated string to display when a password recovery token is invalid (i.e. not associated with anyone)

new_password_attributes(module, new_password)

Specs

new_password_attributes(module :: module(), new_password :: String.t()) ::
  Keyword.t()

The (database) attributes as a keyword-list to redefine the password (after hashing) and void previous password recovery token

on_email_change(multi, changeset, module, config)

Callback implementation for Haytni.Plugin.on_email_change/4.

on_failed_authentication(user, multi, keywords, module, config)

Callback implementation for Haytni.Plugin.on_failed_authentication/5.

on_logout(conn, module, config)

Callback implementation for Haytni.Plugin.on_logout/3.

on_registration(multi, module, config)

Callback implementation for Haytni.Plugin.on_registration/3.

on_successful_authentication(conn, user, multi, keywords, module, config)

Callback implementation for Haytni.Plugin.on_successful_authentication/6.

recover(module, config, password_params)

Specs

recover(
  module :: module(),
  config :: Haytni.RecoverablePlugin.Config.t(),
  password_params :: Haytni.params()
) :: Haytni.repo_nobang_operation(Haytni.user())

Changes the user's password using their recovery token.

Returns {:ok, user} if successful else {:error, changeset} when the token:

  • is empty
  • doesn't exist
  • is expired

recovering_changeset(config, request_params \\ %{})

Specs

recovering_changeset(
  config :: Haytni.RecoverablePlugin.Config.t(),
  request_params :: Haytni.params()
) :: Ecto.Changeset.t()

Converts the parameters received by the controller from which users can start the password recovery procedure by requesting a recovery token into an %Ecto.Changeset{}.

reset_password_attributes(config)

Specs

reset_password_attributes(config :: Haytni.RecoverablePlugin.Config.t()) ::
  Keyword.t()

The (database) attributes as a keyword-list to generate a new password recovery token

send_reset_password_instructions(module, config, request_params)

Specs

send_reset_password_instructions(
  module :: module(),
  config :: Haytni.RecoverablePlugin.Config.t(),
  request_params :: Haytni.params()
) :: Haytni.repo_nobang_operation(Haytni.user() | nil)

Send instructions to reset user's password.

Returns {:error, changeset} if there is no account matching config.reset_password_keys else {:ok, user}.

But in strict mode (config :haytni, mode: :strict) returned values are:

  • {:error, changeset} if fields (form) were not filled
  • {:ok, user} if successful
  • {:ok, nil} if there is no account matching config.reset_password_keys

For the latter, the difference between the {:ok, user} and {:ok, nil} cases SHOULD NOT be tested, so as not to disclose to the end user whether an actual account matches or not!
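
The strict-mode handling described above, as an added example that is not part of Haytni: both `{:ok, _}` results are matched by one clause so the response is identical whether or not an account exists. The module name `RecoveryRequestExample`, the `send_fun` parameter, the notice text and the stand-in results are assumptions made for illustration.

```elixir
defmodule RecoveryRequestExample do
  # Added example, not part of Haytni. Assumes strict mode is enabled
  # (config :haytni, mode: :strict).

  # Hypothetical wording; it must be the same whether or not an account matched.
  @notice "If an account matches, password reset instructions have been sent."

  # `send_fun` is a hypothetical injection point so the example runs without
  # a database; by default it is the plugin function documented above.
  def request(module, config, params, send_fun \\ nil) do
    send_fun = send_fun || (&Haytni.RecoverablePlugin.send_reset_password_instructions/3)

    case send_fun.(module, config, params) do
      # {:ok, user} and {:ok, nil} deliberately share this clause
      {:ok, _user_or_nil} -> %{action: :redirect, flash: @notice}
      # only the "form fields were not filled" case is reported back
      {:error, changeset} -> %{action: :render_form, changeset: changeset}
    end
  end
end

# Constructed stand-ins for the three strict-mode results.
matched = fn _module, _config, _params -> {:ok, %{email: "known@example.test"}} end
unmatched = fn _module, _config, _params -> {:ok, nil} end
unfilled = fn _module, _config, _params -> {:error, :constructed_changeset} end

# Placeholder for a Haytni.RecoverablePlugin.Config.t()
config = %{}

a = RecoveryRequestExample.request(YourApp.Haytni, config, %{"email" => "known@example.test"}, matched)
b = RecoveryRequestExample.request(YourApp.Haytni, config, %{"email" => "nobody@example.test"}, unmatched)
c = RecoveryRequestExample.request(YourApp.Haytni, config, %{"email" => ""}, unfilled)

# The end user cannot tell a matching account from a missing one.
true = a == b
%{action: :render_form} = c
```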

validate_create_registration(changeset, module, config)

Callback implementation for Haytni.Plugin.validate_create_registration/3.

validate_password(changeset, module, config)

Callback implementation for Haytni.Plugin.validate_password/3.

validate_update_registration(changeset, module, config)

Callback implementation for Haytni.Plugin.validate_update_registration/3.