nova_auth_accounts (nova_auth v0.2.0)

View Source

User account operations: authentication, registration, password changes, and identity changes. Uses dummy verification on failed lookups to prevent timing-based user enumeration.

Summary

Functions

Authenticate a user by identity and password.

Change a user's identity (e.g. email) after verifying the current password. Invalidates all tokens.

Change a user's password after verifying the current password. Invalidates all tokens.

Fetch a user by their primary key.

Register a new user using the provided changeset function and params.

Functions

authenticate(AuthMod, Identity, Password)

-spec authenticate(module(), binary(), binary()) -> {ok, map()} | {error, invalid_credentials}.

Authenticate a user by identity and password.

change_identity(AuthMod, User, CurrentPassword, NewParams)

-spec change_identity(module(), map(), binary(), map()) ->
                         {ok, map()} |
                         {error, invalid_password} |
                         {error,
                          #kura_changeset{valid :: boolean(),
                                          schema :: module() | undefined,
                                          data :: map(),
                                          params :: map(),
                                          changes :: map(),
                                          errors :: [{atom(), binary()}],
                                          types :: #{atom() => kura_types:kura_type()},
                                          required :: [atom()],
                                          action :: atom() | undefined,
                                          constraints ::
                                              [#kura_constraint{type ::
                                                                    unique | foreign_key | check |
                                                                    exclusion,
                                                                constraint :: binary(),
                                                                field :: atom(),
                                                                message :: binary()}],
                                          assoc_changes ::
                                              #{atom() => #kura_changeset{} | [#kura_changeset{}]},
                                          prepare :: [fun((#kura_changeset{}) -> #kura_changeset{})],
                                          optimistic_lock :: atom() | undefined}}.

Change a user's identity (e.g. email) after verifying the current password. Invalidates all tokens.

change_password(AuthMod, User, CurrentPassword, NewParams)

-spec change_password(module(), map(), binary(), map()) ->
                         {ok, map()} |
                         {error, invalid_password} |
                         {error,
                          #kura_changeset{valid :: boolean(),
                                          schema :: module() | undefined,
                                          data :: map(),
                                          params :: map(),
                                          changes :: map(),
                                          errors :: [{atom(), binary()}],
                                          types :: #{atom() => kura_types:kura_type()},
                                          required :: [atom()],
                                          action :: atom() | undefined,
                                          constraints ::
                                              [#kura_constraint{type ::
                                                                    unique | foreign_key | check |
                                                                    exclusion,
                                                                constraint :: binary(),
                                                                field :: atom(),
                                                                message :: binary()}],
                                          assoc_changes ::
                                              #{atom() => #kura_changeset{} | [#kura_changeset{}]},
                                          prepare :: [fun((#kura_changeset{}) -> #kura_changeset{})],
                                          optimistic_lock :: atom() | undefined}}.

Change a user's password after verifying the current password. Invalidates all tokens.

get_user_by_id(AuthMod, UserId)

-spec get_user_by_id(module(), term()) -> {ok, map()} | {error, not_found} | {error, term()}.

Fetch a user by their primary key.

register(AuthMod, ChangesetFun, Params)

-spec register(module(),
               fun((map(), map()) ->
                       #kura_changeset{valid :: boolean(),
                                       schema :: module() | undefined,
                                       data :: map(),
                                       params :: map(),
                                       changes :: map(),
                                       errors :: [{atom(), binary()}],
                                       types :: #{atom() => kura_types:kura_type()},
                                       required :: [atom()],
                                       action :: atom() | undefined,
                                       constraints ::
                                           [#kura_constraint{type ::
                                                                 unique | foreign_key | check |
                                                                 exclusion,
                                                             constraint :: binary(),
                                                             field :: atom(),
                                                             message :: binary()}],
                                       assoc_changes ::
                                           #{atom() => #kura_changeset{} | [#kura_changeset{}]},
                                       prepare :: [fun((#kura_changeset{}) -> #kura_changeset{})],
                                       optimistic_lock :: atom() | undefined}),
               map()) ->
                  {ok, map()} |
                  {error,
                   #kura_changeset{valid :: boolean(),
                                   schema :: module() | undefined,
                                   data :: map(),
                                   params :: map(),
                                   changes :: map(),
                                   errors :: [{atom(), binary()}],
                                   types :: #{atom() => kura_types:kura_type()},
                                   required :: [atom()],
                                   action :: atom() | undefined,
                                   constraints ::
                                       [#kura_constraint{type ::
                                                             unique | foreign_key | check | exclusion,
                                                         constraint :: binary(),
                                                         field :: atom(),
                                                         message :: binary()}],
                                   assoc_changes :: #{atom() => #kura_changeset{} | [#kura_changeset{}]},
                                   prepare :: [fun((#kura_changeset{}) -> #kura_changeset{})],
                                   optimistic_lock :: atom() | undefined}}.

Register a new user using the provided changeset function and params.