User schema for PhoenixKit authentication system.
This schema defines the core user entity with email-based authentication and account management features.
Fields
email: User's email address (unique, required for authentication)password: Virtual field for password input (redacted in logs)hashed_password: Bcrypt-hashed password stored in database (redacted)current_password: Virtual field for password confirmation (redacted)confirmed_at: Timestamp when email was confirmed (nil for unconfirmed accounts)
Security Features
- Password hashing with bcrypt
- Email uniqueness enforcement
- Password strength validation
- Sensitive field redaction in logs
- Email confirmation workflow support
Summary
Functions
Checks if a user is an admin or owner.
Confirms the account by setting confirmed_at.
A user changeset for updating custom fields.
A user changeset for changing the email.
Returns list of fields excluded from get_user_field for security.
Gets the user's full name by combining first and last name.
Generate a username from an email address.
Gets the user's preferred locale from custom_fields.
Gets all roles for a user.
A user changeset for guest checkout.
Checks if a user has a specific role.
Checks if a user is an owner.
A user changeset for changing the password.
A user changeset for updating preferred locale/dialect.
A user changeset for updating profile information.
A user changeset for registration.
A user changeset for updating active status.
A user changeset for updating timezone preference.
Unconfirms the account by setting confirmed_at to nil.
Verifies the password.
Validates the current password otherwise adds an error to the changeset.
Validates a locale value for format and existence.
Types
@type t() :: %PhoenixKit.Users.Auth.User{ __meta__: term(), confirmed_at: DateTime.t() | nil, current_password: String.t() | nil, custom_fields: map() | nil, email: String.t(), first_name: String.t() | nil, hashed_password: String.t(), inserted_at: DateTime.t(), is_active: boolean(), last_name: String.t() | nil, password: String.t() | nil, registration_city: String.t() | nil, registration_country: String.t() | nil, registration_ip: String.t() | nil, registration_region: String.t() | nil, role_assignments: term(), roles: term(), updated_at: DateTime.t(), user_timezone: String.t() | nil, username: String.t() | nil, uuid: UUIDv7.t() | nil }
Functions
Checks if a user is an admin or owner.
Examples
iex> admin?(user)
trueConfirms the account by setting confirmed_at.
A user changeset for updating custom fields.
Custom fields are stored as JSONB and can contain arbitrary key-value pairs.
Examples
iex> custom_fields_changeset(user, %{custom_fields: %{"phone" => "555-1234"}})
%Ecto.Changeset{valid?: true}
iex> custom_fields_changeset(user, %{custom_fields: "invalid"})
%Ecto.Changeset{valid?: false}A user changeset for changing the email.
It requires the email to change otherwise an error is added.
Returns list of fields excluded from get_user_field for security.
These fields contain sensitive or internal data and should not be accessed via the generic field accessor.
Examples
iex> excluded_fields()
[:password, :current_password, :hashed_password, :__meta__, :__struct__]Gets the user's full name by combining first and last name.
Examples
iex> full_name(%User{first_name: "John", last_name: "Doe"})
"John Doe"
iex> full_name(%User{first_name: "John", last_name: nil})
"John"
iex> full_name(%User{first_name: nil, last_name: nil})
nilGenerate a username from an email address.
Takes the part before @ symbol, converts to lowercase, replaces dots with underscores, and ensures it meets validation requirements.
Examples
iex> generate_username_from_email("john.doe@example.com")
"john_doe"
iex> generate_username_from_email("user@example.com")
"user"Gets the user's preferred locale from custom_fields.
Returns nil if not set (indicating system default should be used).
Examples
iex> get_preferred_locale(%User{custom_fields: %{"preferred_locale" => "en-GB"}})
"en-GB"
iex> get_preferred_locale(%User{custom_fields: %{}})
nilGets all roles for a user.
Examples
iex> get_roles(user)
["Admin", "User"]A user changeset for guest checkout.
Creates a temporary user with a random password for guests who
complete checkout without registering. The user will have
confirmed_at = nil until they verify their email.
Features
- Generates a random secure password (required by DB constraint)
- Sets
custom_fields.sourceto "guest_checkout" for tracking - Generates UUID and username automatically
- Does NOT confirm the email (confirmed_at remains nil)
Examples
iex> guest_user_changeset(%User{}, %{email: "guest@example.com", first_name: "John"})
%Ecto.Changeset{valid?: true}Checks if a user has a specific role.
Examples
iex> has_role?(user, "Admin")
true
iex> has_role?(user, "Owner")
falseChecks if a user is an owner.
Examples
iex> owner?(user)
trueA user changeset for changing the password.
Options
:hash_password- Hashes the password so it can be stored securely in the database and ensures the password field is cleared to prevent leaks in the logs. If password hashing is not needed and clearing the password field is not desired (like when using this changeset for validations on a LiveView form), this option can be set tofalse. Defaults totrue.
A user changeset for updating preferred locale/dialect.
This allows authenticated users to select their preferred dialect variant
(e.g., en-GB instead of en-US) while URLs continue to show base codes.
The locale is stored in the custom_fields JSONB column.
Validation
- Format: Must match ~r/^[a-z]{2}(-[A-Z]{2})?$/
- Existence: Must exist in predefined language list
- NULL/empty allowed: Indicates "use system default"
Examples
iex> preferred_locale_changeset(user, %{preferred_locale: "en-GB"})
#Ecto.Changeset<...>
iex> preferred_locale_changeset(user, %{preferred_locale: nil})
#Ecto.Changeset<...> # Clears preference, uses defaults
iex> preferred_locale_changeset(user, %{preferred_locale: "invalid"})
#Ecto.Changeset<errors: [preferred_locale: {"must be a valid locale format", []}]>A user changeset for updating profile information.
Options
:validate_email- Validates the uniqueness of the email, in case you don't want to validate the uniqueness of the email (like when using this changeset for validations on a LiveView form before submitting the form), this option can be set tofalse. Defaults totrue.
A user changeset for registration.
It is important to validate the length of both email and password. Otherwise databases may truncate the email without warnings, which could lead to unpredictable or insecure behaviour. Long passwords may also be very expensive to hash for certain algorithms.
Options
:hash_password- Hashes the password so it can be stored securely in the database and ensures the password field is cleared to prevent leaks in the logs. If password hashing is not needed and clearing the password field is not desired (like when using this changeset for validations on a LiveView form), this option can be set tofalse. Defaults totrue.:validate_email- Validates the uniqueness of the email, in case you don't want to validate the uniqueness of the email (like when using this changeset for validations on a LiveView form before submitting the form), this option can be set tofalse. Defaults totrue.
A user changeset for updating active status.
A user changeset for updating timezone preference.
Examples
iex> timezone_changeset(user, %{"user_timezone" => "+5"})
%Ecto.Changeset{valid?: true}
iex> timezone_changeset(user, %{"user_timezone" => "invalid"})
%Ecto.Changeset{valid?: false}Unconfirms the account by setting confirmed_at to nil.
Verifies the password.
If there is no user or the user doesn't have a password, we call
Bcrypt.no_user_verify/0 to avoid timing attacks.
Validates the current password otherwise adds an error to the changeset.
Validates a locale value for format and existence.
Returns :ok if valid, {:error, message} if invalid.
Examples
iex> validate_locale_value("en-US")
:ok
iex> validate_locale_value("invalid")
{:error, "must be a valid locale format (e.g., en-US, es-MX)"}