# `Sigra.Account` [🔗](https://github.com/sztheory/sigra/blob/v1.20.0/lib/sigra/account.ex#L1) Account lifecycle orchestrator. Provides a unified API for email change, password change, and account deletion. Each operation delegates to its specialized module: - `Sigra.Account.EmailChange` for email change flows - `Sigra.Account.PasswordChange` for password management - `Sigra.Account.Deletion` for account deletion lifecycle All functions follow the library pattern: they receive `repo` as the first argument and options keyword list with schema references and config. The generated `MyApp.Auth` context delegates to these functions. ## Email Change (D-01 to D-10) Sigra.Account.request_email_change(repo, user, "new@example.com", opts) Sigra.Account.confirm_email_change(repo, token, opts) Sigra.Account.cancel_email_change(repo, user, opts) ## Password Change (D-34 to D-45) Sigra.Account.change_password(repo, user, "current", %{password: "new"}, opts) Sigra.Account.set_password(repo, user, %{password: "new"}, opts) Sigra.Account.clear_password_change_requirement(repo, user, opts) ## Account Deletion (D-11 to D-33) Sigra.Account.schedule_deletion(repo, user, opts) Sigra.Account.cancel_deletion(repo, user, opts) Sigra.Account.execute_deletion(repo, user, opts) # `audit_forced_password_change` *since 0.9.0* > This function is deprecated. Use clear_password_change_requirement/3 when :audit_schema is configured; do not call this function for the same forced-clear completion or you may duplicate audit rows.. ```elixir @spec audit_forced_password_change( keyword(), term() ) :: :ok ``` Audit a forced password change completion event. Called by subsystems that complete a forced-password change path (e.g., `Sigra.Account.PasswordChange.clear_force_change/2`). Writes a `account.password_change` audit row with `metadata: %{forced: true}`. Prefer `clear_password_change_requirement/3` when `:audit_schema` is configured so the domain update and audit share one transaction. # `cancel_deletion` *since 0.8.0* Cancel scheduled deletion and reactivate account. # `cancel_email_change` *since 0.8.0* Cancel a pending email change. # `change_password` *since 0.8.0* Change password with current password verification. # `clear_password_change_requirement` *since 0.2.5* ```elixir @spec clear_password_change_requirement(module(), map(), keyword()) :: {:ok, map()} | {:error, Ecto.Changeset.t()} ``` Clears the admin-enforced password change requirement after the user completes the flow. When `:audit_schema` is set in `opts`, the `must_change_password` update and the `account.password_change` audit row (`metadata: %{forced: true}`) are committed in one transaction. Otherwise delegates to `PasswordChange.clear_force_change/2` with no audit. # `confirm_email_change` *since 0.8.0* Confirm an email change via token from verification email. # `deletion_scheduled?` *since 0.8.0* Check if deletion is scheduled. # `deletion_status` *since 0.8.0* Get deletion status: {:scheduled, days_remaining} | :not_scheduled | :deleted # `execute_deletion` *since 0.8.0* Execute deletion (called by Oban worker or manual task). # `must_change_password?` *since 0.8.0* Check if user must change their password. # `request_email_change` *since 0.8.0* Request an email change. Sends verification to new address. # `require_password_change` *since 0.8.0* Admin API: require user to change password on next login. # `schedule_deletion` *since 0.8.0* Schedule account deletion with grace period. # `set_password` *since 0.8.0* Set password for OAuth-only user (no current password). Requires sudo. --- *Consult [api-reference.md](api-reference.md) for complete listing*