View Source Pow.Ecto.Schema.Changeset (Pow v1.0.29)
Handles changesets functions for Pow schema.
These functions should never be called directly, but instead the functions
build in macros in Pow.Ecto.Schema
should be used. This is to ensure
that only compile time configuration is used.
Pow.Ecto.Schema.Password
is by default used to hash and verify passwords.
configuration-options
Configuration options
:password_min_length
- minimum password length, defaults to 8:password_max_length
- maximum password length, defaults to 4096:password_hash_methods
- the password hash and verify functions to use, defaults to:{&Pow.Ecto.Schema.Password.pbkdf2_hash/1, &Pow.Ecto.Schema.Password.pbkdf2_verify/2}
:email_validator
- the email validation function, defaults to:&Pow.Ecto.Schema.Changeset.validate_email/1
The function should either return
:ok
,:error
, or{:error, reason}
.
Link to this section Summary
Functions
Validates the confirm password field.
Validates the current password field.
Validates the password field.
Validates the password field.
Validates the user id field.
Validates an e-mail.
Verifies a password in a struct.
Link to this section Functions
@spec confirm_password_changeset( Ecto.Schema.t() | Ecto.Changeset.t(), map(), Pow.Config.t() ) :: Ecto.Changeset.t()
Validates the confirm password field.
Requires password
and confirm_password
params to be equal. Validation is
only performed if a change for :password
exists and the change is not
nil
.
@spec current_password_changeset( Ecto.Schema.t() | Ecto.Changeset.t(), map(), Pow.Config.t() ) :: Ecto.Changeset.t()
Validates the current password field.
It's only required to provide a current password if the password_hash
value exists in the data struct.
@spec new_password_changeset( Ecto.Schema.t() | Ecto.Changeset.t(), map(), Pow.Config.t() ) :: Ecto.Changeset.t()
Validates the password field.
A password hash is generated by using :password_hash_methods
in the
configuration. The password is always required if the password hash is nil
,
and it's required to be between :password_min_length
to
:password_max_length
characters long.
The password hash is only generated if the changeset is valid, but always required.
@spec password_changeset(Ecto.Schema.t() | Ecto.Changeset.t(), map(), Pow.Config.t()) :: Ecto.Changeset.t()
Validates the password field.
Calls confirm_password_changeset/3
and new_password_changeset/3
.
@spec user_id_field_changeset( Ecto.Schema.t() | Ecto.Changeset.t(), map(), Pow.Config.t() ) :: Ecto.Changeset.t()
Validates the user id field.
The user id field is always required. It will be treated as case insensitive,
and it's required to be unique. If the user id field is :email
, the value
will be validated as an e-mail address too.
Validates an e-mail.
This implementation has the following rules:
- Split into local-part and domain at last
@
occurance - Local-part should;
- be at most 64 octets
- separate quoted and unquoted content with a single dot
- only have letters, digits, and the following characters outside quoted
content:
!#$%&'*+-/=?^_`{|}~.
- not have any consecutive dots outside quoted content
- Domain should;
- be at most 255 octets
- only have letters, digits, hyphen, and dots
Unicode characters are permitted in both local-part and domain.
The implementation is based on RFC 3696.
IP addresses are not allowed as per the RFC 3696 specification: "The domain name can also be replaced by an IP address in square brackets, but that form is strongly discouraged except for testing and troubleshooting purposes.".
@spec verify_password(Ecto.Schema.t(), binary(), Pow.Config.t()) :: boolean()
Verifies a password in a struct.
The password will be verified by using the :password_hash_methods
in the
configuration.
To prevent timing attacks, a blank password will be passed to the hash method
in the :password_hash_methods
configuration option if the :password_hash
is nil
.