1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
include Sihl.Contract.User
let log_src = Logs.Src.create ("sihl.service." ^ Sihl.Contract.User.name)
module Logs = (val Logs.src_log log_src : Logs.LOG)
module Make (Repo : User_repo.Sig) : Sihl.Contract.User.Sig = struct
let find_opt ~user_id = Repo.get ~id:user_id
let find ~user_id =
let open Lwt.Syntax in
let* m_user = find_opt ~user_id in
match m_user with
| Some user -> Lwt.return user
| None ->
Logs.err (fun m -> m "User not found with id %s" user_id);
raise (Sihl.Contract.User.Exception "User not found")
;;
let find_by_email_opt ~email =
Repo.get_by_email ~email:(String.lowercase_ascii email)
;;
let find_by_email ~email =
let open Lwt.Syntax in
let* user = find_by_email_opt ~email in
match user with
| Some user -> Lwt.return user
| None ->
Logs.err (fun m -> m "User not found with email %s" email);
raise (Sihl.Contract.User.Exception "User not found")
;;
let search ?(sort = `Desc) ?filter limit = Repo.search sort filter limit
let update_password
?(password_policy = default_password_policy)
~user
~old_password
~new_password
~new_password_confirmation
()
=
let open Lwt.Syntax in
match
validate_change_password
user
~old_password
~new_password
~new_password_confirmation
~password_policy
with
| Ok () ->
let updated_user =
match set_user_password user new_password with
| Ok user -> user
| Error msg ->
Logs.err (fun m ->
m "Can not update password of user %s: %s" user.email msg);
raise (Sihl.Contract.User.Exception msg)
in
let* () = Repo.update ~user:updated_user in
Lwt.return @@ Ok updated_user
| Error msg -> Lwt.return @@ Error msg
;;
let update_details ~user ~email ~username =
let open Lwt.Syntax in
let updated_user = set_user_details user ~email ~username in
let* () = Repo.update ~user:updated_user in
find ~user_id:user.id
;;
let set_password
?(password_policy = default_password_policy)
~user
~password
~password_confirmation
()
=
let open Lwt.Syntax in
let* result =
validate_new_password ~password ~password_confirmation ~password_policy
|> Lwt.return
in
match result with
| Error msg -> Lwt.return @@ Error msg
| Ok () ->
let updated_user =
match set_user_password user password with
| Ok user -> user
| Error msg ->
Logs.err (fun m ->
m "USER: Can not set password of user %s: %s" user.email msg);
raise (Sihl.Contract.User.Exception msg)
in
let* () = Repo.update ~user:updated_user in
Lwt_result.return updated_user
;;
let create ~email ~password ~username ~admin ~confirmed =
let open Lwt.Syntax in
let user = make ~email ~password ~username ~admin ~confirmed in
match user with
| Ok user ->
let* () = Repo.insert ~user in
Lwt.return (Ok user)
| Error msg -> raise (Sihl.Contract.User.Exception msg)
;;
let create_user ~email ~password ~username =
let open Lwt.Syntax in
let* user =
create ~email ~password ~username ~admin:false ~confirmed:false
in
let user =
match user with
| Ok user -> user
| Error msg -> raise (Sihl.Contract.User.Exception msg)
in
Lwt.return user
;;
let create_admin ~email ~password ~username =
let open Lwt.Syntax in
let* user = Repo.get_by_email ~email in
let* () =
match user with
| Some _ ->
Logs.err (fun m ->
m "Can not create admin %s since the email is already taken" email);
raise (Sihl.Contract.User.Exception "Email already taken")
| None -> Lwt.return ()
in
let* user = create ~email ~password ~username ~admin:true ~confirmed:true in
let user =
match user with
| Ok user -> user
| Error msg ->
Logs.err (fun m -> m "Can not create admin %s %s" email msg);
raise (Sihl.Contract.User.Exception msg)
in
Lwt.return user
;;
let register_user
?(password_policy = default_password_policy)
?username
~email
~password
~password_confirmation
()
=
let open Lwt.Syntax in
let open Sihl.Contract.User in
match
validate_new_password ~password ~password_confirmation ~password_policy
with
| Error msg -> Lwt_result.fail @@ InvalidPasswordProvided msg
| Ok () ->
let* user = find_by_email_opt ~email in
(match user with
| None -> create_user ~username ~email ~password |> Lwt.map Result.ok
| Some _ -> Lwt_result.fail AlreadyRegistered)
;;
let login ~email ~password =
let open Lwt.Syntax in
let open Sihl.Contract.User in
let* user = find_by_email_opt ~email in
match user with
| None -> Lwt_result.fail DoesNotExist
| Some user ->
if matches_password password user
then Lwt_result.return user
else Lwt_result.fail IncorrectPassword
;;
let start () = Lwt.return ()
let stop () = Lwt.return ()
let create_admin_cmd =
let open Lwt.Syntax in
Sihl.Command.make
~name:"createadmin"
~help:"<username> <email> <password>"
~description:"Create an admin user"
(fun args ->
match args with
| [ username; email; password ] ->
let* () = start () in
create_admin ~email ~password ~username:(Some username)
|> Lwt.map ignore
| _ ->
raise (Sihl.Command.Exception "Usage: <username> <email> <password>"))
;;
let lifecycle =
Sihl.Container.create_lifecycle
Sihl.Contract.User.name
~dependencies:(fun () -> Repo.lifecycles)
~start
~stop
;;
let register () =
Repo.register_migration ();
Repo.register_cleaner ();
Sihl.Container.Service.create ~commands:[ create_admin_cmd ] lifecycle
;;
end
module PostgreSql =
Make (User_repo.MakePostgreSql (Sihl.Database.Migration.PostgreSql))
module MariaDb = Make (User_repo.MakeMariaDb (Sihl.Database.Migration.MariaDb))
module Password_reset = struct
module MakePostgreSql (TokenService : Sihl.Contract.Token.Sig) =
Password_reset.Make (PostgreSql) (TokenService)
module MakeMariaDb (TokenService : Sihl.Contract.Token.Sig) =
Password_reset.Make (MariaDb) (TokenService)
end