m_identity (zotonic_core v1.0.0-rc.14)

Manage identities of users. An identity can be an username/password, openid, oauth credentials etc.

Link to this section Summary

Functions

Return the rsc_id with the given username/password. If succesful then updates the 'visited' timestamp of the entry.
Return the rsc_id with the given username/password. If succesful then updates the 'visited' timestamp of the entry. Uses a timer to level the time difference between existing and non existing accounts.
Delete an username from a resource.
Ensure that the user has an associated username and password
Fetch a specific identity entry.
Fetch all credentials belonging to the user "id"
Fetch all credentials belonging to the user "id" and of a certain type
Return the username and last login of the current user.
Return the username and last login of the resource id, undefined if no username
Return the username of the current user
Return the username of the resource id, undefined if no username
Hash a password, using bcrypt
Compare if a password is the same as a hash.
Create an identity record.
Create an unique identity record.
Check if the primary email address of the user is verified.
Check if the tcp/ip peer address is a allowed ip address
Prevent insert of reserved usernames. See: http://tools.ietf.org/html/rfc2142 See: https://arstechnica.com/security/2015/03/bogus-ssl-certificate
Check if the resource has any credentials that will make them an user
Check if there is a verified identity for the user, beyond the username_pw
Fetch the value for the key from a model source
Move the identities of two resources, the identities are removed from the source id.
Check if the password hash needs to be rehashed.
Mark the username_pw identity of an user as 'expired', this forces a prompt for a password reset on the next authentication.
Mark the username_pw identity of an user as 'expired', this forces a prompt for a password reset on the next authentication.
Change the username of the resource id, only possible if there is already an username/password set
Set the username/password of a resource. Replaces any existing username/password.
Set the verified flag on a record by identity id.
Set the verified flag on a record by rescource id, identity type and value (eg an user's email address).
Set the visited timestamp for the given user.

Link to this section Types

Link to this type

bcrypt_hash/0

-type bcrypt_hash() :: {bcrypt, binary()}.
-type hash() :: bcrypt_hash() | sha1_salted_hash().
-type identity() :: proplists:proplist().
-type key() :: atom() | binary() | string().
-type password() :: iodata().
Link to this type

sha1_salted_hash/0

-type sha1_salted_hash() :: {hash, binary(), binary()}.
-type type() :: atom() | binary() | string().

Link to this section Functions

Link to this function

check_username_pw(Username, Password, Context)

-spec check_username_pw(Username, Password, Context) -> Result
                     when
                         Username :: binary() | string(),
                         Password :: binary() | string(),
                         Context :: z:context(),
                         Result :: {ok, m_rsc:resource_id()} | {error, term()}.
Return the rsc_id with the given username/password. If succesful then updates the 'visited' timestamp of the entry.
Link to this function

check_username_pw(Username, Password, QueryArgs, Context)

-spec check_username_pw(Username, Password, QueryArgs, Context) -> Result
                     when
                         Username :: binary() | string(),
                         Password :: binary() | string(),
                         QueryArgs :: list() | map(),
                         Context :: z:context(),
                         Result :: {ok, m_rsc:resource_id()} | {error, term()}.
Return the rsc_id with the given username/password. If succesful then updates the 'visited' timestamp of the entry. Uses a timer to level the time difference between existing and non existing accounts.
Link to this function

delete(IdnId, Context)

Link to this function

delete_by_type(Rsc, Type, Context)

-spec delete_by_type(m_rsc:resource(), type(), z:context()) -> ok.
Link to this function

delete_by_type_and_key(Rsc, Type, Key, Context)

-spec delete_by_type_and_key(m_rsc:resource(), type(), key(), z:context()) -> ok.
Link to this function

delete_by_type_and_keyprefix(Rsc, Type, Key, Context)

-spec delete_by_type_and_keyprefix(m_rsc:resource(), type(), key(), z:context()) -> ok.
Link to this function

delete_username(RscId, Context)

-spec delete_username(m_rsc:resource() | undefined, z:context()) -> ok | {error, eacces | enoent}.
Delete an username from a resource.
Link to this function

ensure_username_pw(Id, Context)

-spec ensure_username_pw(m_rsc:resource(), z:context()) -> ok | {error, term()}.
Ensure that the user has an associated username and password
Link to this function

generate_username(Id, Context)

Link to this function

get(IdnId, Context)

Fetch a specific identity entry.
Link to this function

get_rsc(Id, Context)

-spec get_rsc(m_rsc:resource(), z:context()) -> list().
Fetch all credentials belonging to the user "id"
Link to this function

get_rsc(Id, Type, Context)

-spec get_rsc(m_rsc:resource_id(), type(), z:context()) -> list() | undefined.
Link to this function

get_rsc_by_type(Id, Type, Context)

-spec get_rsc_by_type(m_rsc:resource(), type(), z:context()) -> list().
Fetch all credentials belonging to the user "id" and of a certain type
Link to this function

get_rsc_by_type_key(Id, Type, Key, Context)

-spec get_rsc_by_type_key(m_rsc:resource_id(), type(), key(), z:context()) -> list().
Link to this function

get_rsc_by_type_keyprefix(Id, Type, KeyPrefix, Context)

-spec get_rsc_by_type_keyprefix(m_rsc:resource_id(), type(), key(), z:context()) -> list().
Link to this function

get_user_info(Context)

-spec get_user_info(z:context()) -> map().
Return the username and last login of the current user.
Link to this function

get_user_info(Rsc, Context)

-spec get_user_info(m_rsc:resource() | undefined, z:context()) -> map().
Return the username and last login of the resource id, undefined if no username
Link to this function

get_username(Context)

-spec get_username(z:context()) -> binary() | undefined.
Return the username of the current user
Link to this function

get_username(RscId, Context)

-spec get_username(m_rsc:resource(), z:context()) -> binary() | undefined.
Return the username of the resource id, undefined if no username
-spec hash(password()) -> bcrypt_hash().
Hash a password, using bcrypt
Link to this function

hash_is_equal(Pw, _)

-spec hash_is_equal(password(), hash()) -> boolean().
Compare if a password is the same as a hash.
Link to this function

insert(Rsc, Type, Key, Context)

-spec insert(m_rsc:resource(), type(), key(), z:context()) -> {ok, pos_integer()} | {error, invalid_key}.
Create an identity record.
Link to this function

insert(Rsc, Type, Key, Props, Context)

Link to this function

insert_single(Rsc, Type, Key, Context)

-spec insert_single(m_rsc:resource(), type(), key(), z:context()) ->
                 {ok, pos_integer()} | {error, invalid_key}.
Link to this function

insert_single(Rsc, Type, Key, Props, Context)

Link to this function

insert_unique(RscId, Type, Key, Context)

Create an unique identity record.
Link to this function

insert_unique(RscId, Type, Key, Props, Context)

Link to this function

is_email_verified(Context)

Check if the primary email address of the user is verified.
Link to this function

is_email_verified(UserId, Context)

Link to this function

is_peer_allowed(Context)

Check if the tcp/ip peer address is a allowed ip address
Link to this function

is_reserved_name(List)

Prevent insert of reserved usernames. See: http://tools.ietf.org/html/rfc2142 See: https://arstechnica.com/security/2015/03/bogus-ssl-certificate
Link to this function

is_user(Id, Context)

-spec is_user(m_rsc:resource(), z:context()) -> boolean().
Check if the resource has any credentials that will make them an user
Link to this function

is_valid_key(Type, Key, Context)

-spec is_valid_key(type(), undefined | key(), z:context()) -> boolean().
Link to this function

is_verified(RscId, Context)

-spec is_verified(m_rsc:resource_id(), z:context()) -> boolean().
Check if there is a verified identity for the user, beyond the username_pw
Link to this function

lookup_by_type_and_key(Type, Key, Context)

-spec lookup_by_type_and_key(type(), key(), z:context()) -> identity() | undefined.
Link to this function

lookup_by_type_and_key_multi(Type, Key, Context)

-spec lookup_by_type_and_key_multi(type(), key(), z:context()) -> [identity()].
Link to this function

lookup_by_username(Key, Context)

-spec lookup_by_username(key(), z:context()) -> identity() | undefined.
Link to this function

lookup_by_verify_key(Key, Context)

-spec lookup_by_verify_key(key(), z:context()) -> identity() | undefined.
Link to this function

lookup_users_by_type_and_key(Type, Key, Context)

-spec lookup_users_by_type_and_key(type(), key(), z:context()) -> [identity()].
Link to this function

lookup_users_by_verified_type_and_key(Type, Key, Context)

-spec lookup_users_by_verified_type_and_key(type(), key(), z:context()) -> [identity()].
Link to this function

m_get(Rest, Msg, Context)

-spec m_get(list(), zotonic_model:opt_msg(), z:context()) -> zotonic_model:return().
Fetch the value for the key from a model source
Link to this function

merge(WinnerId, LoserId, Context)

-spec merge(m_rsc:resource(), m_rsc:resource(), z:context()) -> ok | {error, term()}.
Move the identities of two resources, the identities are removed from the source id.
Link to this function

needs_rehash(_)

-spec needs_rehash(hash()) -> boolean().
Check if the password hash needs to be rehashed.
Link to this function

normalize_key(Type, Key)

-spec normalize_key(type(), key() | undefined) -> key() | undefined.
Link to this function

set_by_type(RscId, Type, Key, Context)

-spec set_by_type(m_rsc:resource_id(), type(), key(), z:context()) -> ok.
Link to this function

set_by_type(RscId, Type, Key, Props, Context)

-spec set_by_type(m_rsc:resource_id(), type(), key(), term(), z:context()) -> ok.
Link to this function

set_expired(UserId, DateTime, Context)

-spec set_expired(UserId, DateTime, Context) -> ok | {error, enoent}
               when
                   UserId :: m_rsc:resource_id(),
                   DateTime :: undefined | boolean() | calendar:datetime(),
                   Context :: z:context().
Mark the username_pw identity of an user as 'expired', this forces a prompt for a password reset on the next authentication.
Link to this function

set_identity_expired(IdnId, DateTime, Context)

-spec set_identity_expired(IdnId, DateTime, Context) -> ok | {error, enoent}
                        when
                            IdnId :: pos_integer(),
                            DateTime :: undefined | boolean() | calendar:datetime(),
                            Context :: z:context().
Mark the username_pw identity of an user as 'expired', this forces a prompt for a password reset on the next authentication.
Link to this function

set_username(Id, Username, Context)

-spec set_username(m_rsc:resource() | undefined, binary() | string(), z:context()) ->
                ok | {error, eacces | enoent | eexist}.
Change the username of the resource id, only possible if there is already an username/password set
Link to this function

set_username_pw(Id, Username, Password, Context)

-spec set_username_pw(m_rsc:resource() | undefined,
                binary() | string(),
                binary() | string(),
                z:context()) ->
                   ok | {error, Reason :: term()}.
Set the username/password of a resource. Replaces any existing username/password.
Link to this function

set_verified(IdnId, Context)

-spec set_verified(IdnId, Context) -> ok | {error, notfound}
                when IdnId :: pos_integer(), Context :: z:context().
Set the verified flag on a record by identity id.
Link to this function

set_verified(RscId, Type, Key, Context)

-spec set_verified(m_rsc:resource_id(), type(), key(), z:context()) -> ok | {error, badarg}.
Set the verified flag on a record by rescource id, identity type and value (eg an user's email address).
Link to this function

set_verify_key(IdnId, Context)

-spec set_verify_key(IdnId, z:context()) -> {ok, VerifyKey}
                  when IdnId :: pos_integer(), VerifyKey :: binary().
Link to this function

set_visited(UserId, Context)

-spec set_visited(m_rsc:resource_id(), z:context()) -> ok | {error, enoent}.
Set the visited timestamp for the given user.