lib/chessh/schema/player.ex


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

defmodule Chessh.Player do
  use Ecto.Schema
  import Ecto.Changeset
  alias Chessh.{Key, Game}

  @derive {Inspect, except: [:password]}
  schema "players" do
    field(:username, :string)

    field(:password, :string, virtual: true)
    field(:hashed_password, :string)

    field(:authentications, :integer, default: 0)

    has_many(:keys, Key)
    has_many(:light_games, Game, foreign_key: :light_player_id, references: :id)
    has_many(:dark_games, Game, foreign_key: :dark_player_id, references: :id)

    timestamps()
  end

  def authentications_changeset(player, attrs) do
    player
    |> cast(attrs, [:authentications])
  end

  def registration_changeset(player, attrs, opts \\ []) do
    player
    |> cast(attrs, [:username, :password])
    |> validate_username()
    |> validate_password(opts)
  end

  def password_changeset(player, attrs, opts \\ []) do
    player
    |> cast(attrs, [:password])
    |> validate_confirmation(:password, message: "does not match password")
    |> validate_password(opts)
  end

  def valid_password?(%Chessh.Player{hashed_password: hashed_password}, password)
      when is_binary(hashed_password) and byte_size(password) > 0 do
    Bcrypt.verify_pass(password, hashed_password)
  end

  def valid_password?(_, _) do
    Bcrypt.no_user_verify()
    false
  end

  def validate_current_password(changeset, password) do
    if valid_password?(changeset.data, password) do
      changeset
    else
      add_error(changeset, :current_password, "is not valid")
    end
  end

  defp validate_username(changeset) do
    changeset
    |> validate_required([:username])
    |> validate_length(:username, min: 2, max: 16)
    |> validate_format(:username, ~r/^[a-zA-Z0-9_\-]*$/,
      message: "only letters, numbers, underscores, and hyphens allowed"
    )
    |> unique_constraint(:username)
  end

  defp validate_password(changeset, opts) do
    changeset
    |> validate_required([:password])
    |> validate_length(:password, min: 8, max: 80)
    |> maybe_hash_password(opts)
  end

  defp maybe_hash_password(changeset, opts) do
    hash_password? = Keyword.get(opts, :hash_password, true)
    password = get_change(changeset, :password)

    if hash_password? && password && changeset.valid? do
      changeset
      |> put_change(:hashed_password, Bcrypt.hash_pwd_salt(password))
      |> delete_change(:password)
    else
      changeset
    end
  end
end