User email validation

2025-10-16 13:54:57 +02:00 · 2025-10-16 13:54:57 +02:00 · 3b0c1da1ab
commit 3b0c1da1ab
parent cde619543f
1 changed files with 29 additions and 1 deletions
--- a/lib/accounts/user.ex
+++ b/lib/accounts/user.ex
@ -166,6 +166,28 @@ defmodule Mv.Accounts.User do
      where: [action_is([:register_with_password, :admin_set_password])],
      message: "must have length of at least 8"

+    # Email validation with EctoCommons.EmailValidator (same as Member)
+    # This ensures consistency between User and Member email validation
+    validate fn changeset, _ ->
+      # Get email from attribute (Ash.CiString) and convert to string
+      email = Ash.Changeset.get_attribute(changeset, :email)
+      email_string = if email, do: to_string(email), else: nil
+
+      # Only validate if email is present
+      if email_string do
+        changeset2 =
+          {%{}, %{email: :string}}
+          |> Ecto.Changeset.cast(%{email: email_string}, [:email])
+          |> EctoCommons.EmailValidator.validate_email(:email, checks: [:html_input, :pow])
+
+        if changeset2.valid? do
+          :ok
+        else
+          {:error, field: :email, message: "is not a valid email"}
+        end
+      else
+        :ok
+      end
    end

    # Prevent overwriting existing member relationship
@ -204,7 +226,13 @@ defmodule Mv.Accounts.User do
  attributes do
    uuid_primary_key :id

-    attribute :email, :ci_string, allow_nil?: false, public?: true
+    attribute :email, :ci_string do
+      allow_nil? false
+      public? true
+      # Same constraints as Member email for consistency
+      constraints min_length: 5, max_length: 254
+    end
+
    attribute :hashed_password, :string, sensitive?: true, allow_nil?: true
    attribute :oidc_id, :string, allow_nil?: true
  end