View Source AshAuthentication.Strategy.Password.PasswordValidation (ash_authentication v4.0.0)
A convenience validation that checks that the password argument against the hashed password stored in the record.
You can use this validation in your changes where you want the user to enter their current password before being allowed to make a change (eg in a password change flow).
Options:
You can provide these options either in the DSL options, or in the changeset context.
strategy_name
- the name of the authentication strategy to use. Required.password_argument
- the name of the argument to check for the current password. If missing this will default to thepassword_field
value configured on the strategy.
Examples
defmodule MyApp.Accounts.User do
# ...
actions do
update :change_password do
accept []
argument :current_password, :string, sensitive?: true, allow_nil?: false
argument :password, :string, sensitive?: true, allow_nil?: false
argument :password_confirmation, :string, sensitive?: true, allow_nil?: false
validate confirm(:password, :password_confirmation)
validate {AshAuthentication.Strategy.Password.PasswordValidation, strategy_name: :password, password_argument: :current_password}
change {AshAuthentication.Strategy.Password.HashPasswordChange, strategy_name: :password}
end
end
# ...
end