architex/lib/matrix_server/schema/account.ex

defmodule MatrixServer.Account do
  use Ecto.Schema

  import Ecto.{Changeset, Query}

  alias MatrixServer.{Repo, Account, Device, Room, JoinedRoom}
  alias MatrixServerWeb.Client.Request.{Register, Login}
  alias Ecto.{Multi, Changeset}

  @type t :: %__MODULE__{
          password_hash: String.t()
        }

  @max_mxid_length 255

  schema "accounts" do
    field :localpart, :string
    field :password_hash, :string, redact: true
    has_many :devices, Device

    many_to_many :joined_rooms, Room,
      join_through: JoinedRoom,
      join_keys: [account_id: :id, room_id: :id]

    timestamps(updated_at: false)
  end

  @doc """
  Reports whether the given user localpart is available on this server.
  """
  @spec available?(String.t()) :: :ok | {:error, :user_in_use | :invalid_username}
  def available?(localpart) when is_binary(localpart) do
    if Regex.match?(MatrixServer.localpart_regex(), localpart) and
         String.length(localpart) <= localpart_length() do
      if Repo.one!(
           Account
           |> where([a], a.localpart == ^localpart)
           |> select([a], count(a))
         ) == 0 do
        :ok
      else
        {:error, :user_in_use}
      end
    else
      {:error, :invalid_username}
    end
  end

  @doc """
  Return an multi to register a new user.
  """
  @spec register(Register.t()) :: Multi.t()
  def register(%Register{username: username, device_id: device_id, initial_device_display_name: initial_device_display_name, password: password}) do
    localpart = username || MatrixServer.random_string(10, ?a..?z)

    account_params = %{
      localpart: localpart,
      password_hash: Bcrypt.hash_pwd_salt(password)
    }

    Multi.new()
    |> Multi.insert(:account, changeset(%Account{}, account_params))
    |> Multi.insert(:device, fn %{account: account} ->
      device_id = device_id || Device.generate_device_id(account.localpart)
      access_token = Device.generate_access_token(localpart, device_id)

      device_params = %{
        display_name: initial_device_display_name,
        device_id: device_id
      }

      Ecto.build_assoc(account, :devices, access_token: access_token)
      |> Device.changeset(device_params)
    end)
  end

  @doc """
  Return a function to log a user in.
  """
  @spec login(Login.t()) :: (Ecto.Repo.t() -> {:error, any()} | {:ok, {Account.t(), Device.t()}})
  def login(%Login{password: password, identifier: %Login.Identifier{user: user}} = input) do
    localpart = try_get_localpart(user)

    fn repo ->
      case repo.one(from a in Account, where: a.localpart == ^localpart) do
        %Account{password_hash: hash} = account ->
          if Bcrypt.verify_pass(password, hash) do
            case Device.login(input, account) do
              {:ok, device} ->
                {account, device}

              {:error, _cs} ->
                repo.rollback(:forbidden)
            end
          else
            repo.rollback(:forbidden)
          end

        nil ->
          repo.rollback(:forbidden)
      end
    end
  end

  @doc """
  Get a device and its associated account using the device's access token.
  """
  @spec by_access_token(String.t()) :: {Account.t(), Device.t()} | nil
  def by_access_token(access_token) do
    Device
    |> where([d], d.access_token == ^access_token)
    |> join(:inner, [d], a in assoc(d, :account))
    |> select([d, a], {a, d})
    |> Repo.one()
  end

  @spec changeset(map(), map()) :: Changeset.t()
  def changeset(account, params \\ %{}) do
    # TODO: fix password_hash in params
    account
    |> cast(params, [:localpart, :password_hash])
    |> validate_required([:localpart, :password_hash])
    |> validate_length(:password_hash, max: 60)
    |> validate_format(:localpart, MatrixServer.localpart_regex())
    |> validate_length(:localpart, max: localpart_length())
    |> unique_constraint(:localpart, name: :accounts_localpart_index)
  end

  @spec localpart_length :: integer()
  defp localpart_length do
    # Subtract the "@" and ":" in the MXID.
    @max_mxid_length - 2 - String.length(MatrixServer.server_name())
  end

  @spec try_get_localpart(String.t()) :: String.t()
  defp try_get_localpart("@" <> rest = user_id) do
    case String.split(rest, ":", parts: 2) do
      [localpart, _] -> localpart
      _ -> user_id
    end
  end

  defp try_get_localpart(localpart), do: localpart

  @doc """
  Get the matrix user ID of an account.
  """
  @spec get_mxid(Account.t()) :: String.t()
  def get_mxid(%Account{localpart: localpart}) do
    "@" <> localpart <> ":" <> MatrixServer.server_name()
  end
end