From 074e208174f752c9d7ba313965535392d349603a Mon Sep 17 00:00:00 2001 From: Shadowfacts Date: Wed, 2 Oct 2019 17:04:56 -0400 Subject: [PATCH] Add user passwords --- lib/clacks/user.ex | 26 +++++++++++++++++-- lib/mix/tasks/clacks/user.ex | 5 ++-- mix.exs | 3 ++- mix.lock | 3 +++ ...20191002210352_users_add_password_hash.exs | 9 +++++++ 5 files changed, 41 insertions(+), 5 deletions(-) create mode 100644 priv/repo/migrations/20191002210352_users_add_password_hash.exs diff --git a/lib/clacks/user.ex b/lib/clacks/user.ex index 8dcca89..576286f 100644 --- a/lib/clacks/user.ex +++ b/lib/clacks/user.ex @@ -7,6 +7,8 @@ defmodule Clacks.User do schema "users" do field :username, :string field :private_key, :string + field :password, :string, virtual: true + field :password_hash, :string has_one :actor, Clacks.Actor @@ -15,7 +17,27 @@ defmodule Clacks.User do def changeset(%__MODULE__{} = schema, attrs) do schema - |> cast(attrs, [:username, :private_key]) - |> validate_required([:username, :private_key]) + |> cast(attrs, [:username, :private_key, :password_hash]) + |> validate_required([:username, :private_key, :password_hash]) + end + + def registration_changeset(%__MODULE__{} = schema, attrs) do + schema + |> cast(attrs, [:username, :private_key, :password]) + |> validate_length(:password, min: 8) + |> put_password_hash() + end + + def change_password_changeset(%__MODULE__{} = schema, attrs) do + schema + |> cast(attrs, [:password]) + |> validate_length(:password, min: 8) + |> put_password_hash() + end + + defp put_password_hash( + %Ecto.Changeset{valid?: true, changes: %{password: password}} = changeset + ) do + change(changeset, Bcrypt.add_hash(password)) end end diff --git a/lib/mix/tasks/clacks/user.ex b/lib/mix/tasks/clacks/user.ex index 23a4ccd..8033a9c 100644 --- a/lib/mix/tasks/clacks/user.ex +++ b/lib/mix/tasks/clacks/user.ex @@ -5,13 +5,14 @@ defmodule Mix.Tasks.Clacks.User do @shortdoc "Creates a new user" def run(["create"]) do username = IO.gets("Username: ") |> String.trim() - # password = IO.gets("Password: ") |> String.trim() + password = IO.gets("Password: ") |> String.trim() {:ok, pem} = Keys.generate_rsa_pem() {:ok, _private, public} = Keys.keys_from_private_key_pem(pem) {:ok, public_key_pem} = Keys.public_key_pem(public) - changeset = User.changeset(%User{}, %{username: username, private_key: pem}) + changeset = + User.changeset(%User{}, %{username: username, private_key: pem, password: password}) # start the app so the DB connection is established Mix.Task.run("app.start") diff --git a/mix.exs b/mix.exs index 50e01ff..563c95a 100644 --- a/mix.exs +++ b/mix.exs @@ -48,7 +48,8 @@ defmodule Clacks.MixProject do git: "https://git.pleroma.social/pleroma/http_signatures.git", ref: "293d77bb6f4a67ac8bde1428735c3b42f22cbb30"}, {:httpoison, "~> 1.5.1"}, - {:timex, "~> 3.6.1"} + {:timex, "~> 3.6.1"}, + {:bcrypt_elixir, "~> 2.0"} ] end diff --git a/mix.lock b/mix.lock index 5cd680b..930c62f 100644 --- a/mix.lock +++ b/mix.lock @@ -1,7 +1,9 @@ %{ "base62": {:hex, :base62, "1.2.1", "4866763e08555a7b3917064e9eef9194c41667276c51b59de2bc42c6ea65f806", [:mix], [{:custom_base, "~> 0.2.1", [hex: :custom_base, repo: "hexpm", optional: false]}], "hexpm"}, + "bcrypt_elixir": {:hex, :bcrypt_elixir, "2.0.3", "64e0792d5b5064391927bf3b8e436994cafd18ca2d2b76dea5c76e0adcf66b7c", [:make, :mix], [{:comeonin, "~> 5.1", [hex: :comeonin, repo: "hexpm", optional: false]}, {:elixir_make, "~> 0.4", [hex: :elixir_make, repo: "hexpm", optional: false]}], "hexpm"}, "certifi": {:hex, :certifi, "2.5.1", "867ce347f7c7d78563450a18a6a28a8090331e77fa02380b4a21962a65d36ee5", [:rebar3], [{:parse_trans, "~>3.3", [hex: :parse_trans, repo: "hexpm", optional: false]}], "hexpm"}, "combine": {:hex, :combine, "0.10.0", "eff8224eeb56498a2af13011d142c5e7997a80c8f5b97c499f84c841032e429f", [:mix], [], "hexpm"}, + "comeonin": {:hex, :comeonin, "5.1.2", "fbbbbbfcf0f0e9900c0336d16c8d462edf838ba1759577e29cc5fbd7c28a4540", [:mix], [], "hexpm"}, "connection": {:hex, :connection, "1.0.4", "a1cae72211f0eef17705aaededacac3eb30e6625b04a6117c1b2db6ace7d5976", [:mix], [], "hexpm"}, "cowboy": {:hex, :cowboy, "2.6.3", "99aa50e94e685557cad82e704457336a453d4abcb77839ad22dbe71f311fcc06", [:rebar3], [{:cowlib, "~> 2.7.3", [hex: :cowlib, repo: "hexpm", optional: false]}, {:ranch, "~> 1.7.1", [hex: :ranch, repo: "hexpm", optional: false]}], "hexpm"}, "cowlib": {:hex, :cowlib, "2.7.3", "a7ffcd0917e6d50b4d5fb28e9e2085a0ceb3c97dea310505f7460ff5ed764ce9", [:rebar3], [], "hexpm"}, @@ -10,6 +12,7 @@ "decimal": {:hex, :decimal, "1.8.0", "ca462e0d885f09a1c5a342dbd7c1dcf27ea63548c65a65e67334f4b61803822e", [:mix], [], "hexpm"}, "ecto": {:hex, :ecto, "3.2.1", "a0f9af0fb50b19d3bb6237e512ac0ba56ea222c2bbea92e7c6c94897932c76ba", [:mix], [{:decimal, "~> 1.6", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm"}, "ecto_sql": {:hex, :ecto_sql, "3.2.0", "751cea597e8deb616084894dd75cbabfdbe7255ff01e8c058ca13f0353a3921b", [:mix], [{:db_connection, "~> 2.1", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.2.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:myxql, "~> 0.2.0", [hex: :myxql, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.15.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm"}, + "elixir_make": {:hex, :elixir_make, "0.6.0", "38349f3e29aff4864352084fc736fa7fa0f2995a819a737554f7ebd28b85aaab", [:mix], [], "hexpm"}, "file_system": {:hex, :file_system, "0.2.7", "e6f7f155970975789f26e77b8b8d8ab084c59844d8ecfaf58cbda31c494d14aa", [:mix], [], "hexpm"}, "flake_id": {:hex, :flake_id, "0.1.0", "7716b086d2e405d09b647121a166498a0d93d1a623bead243e1f74216079ccb3", [:mix], [{:base62, "~> 1.2", [hex: :base62, repo: "hexpm", optional: false]}, {:ecto, ">= 2.0.0", [hex: :ecto, repo: "hexpm", optional: true]}], "hexpm"}, "gettext": {:hex, :gettext, "0.17.0", "abe21542c831887a2b16f4c94556db9c421ab301aee417b7c4fbde7fbdbe01ec", [:mix], [], "hexpm"}, diff --git a/priv/repo/migrations/20191002210352_users_add_password_hash.exs b/priv/repo/migrations/20191002210352_users_add_password_hash.exs new file mode 100644 index 0000000..6e001b2 --- /dev/null +++ b/priv/repo/migrations/20191002210352_users_add_password_hash.exs @@ -0,0 +1,9 @@ +defmodule Clacks.Repo.Migrations.UsersAddPasswordHash do + use Ecto.Migration + + def change do + alter table(:users) do + add :password_hash, :string + end + end +end