+ |> create_changeset()
+ |> Repo.insert()
+ end
+
+ @spec create_changeset(map()) :: Changeset.t()
+ def create_changeset(attrs \\ %{}) do
+ %Authorization{}
+ |> cast(attrs, [:user_id, :app_id, :scopes, :valid_until])
+ |> validate_required([:app_id, :scopes])
+ |> add_token()
+ |> add_lifetime()
+ end
+
+ defp add_token(changeset) do
+ token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
+ put_change(changeset, :token, token)
+ end
+
+ defp add_lifetime(changeset) do
+ put_change(changeset, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10))
+ end
+
+ @spec use_changeset(Authtorizatiton.t(), map()) :: Changeset.t()
+ def use_changeset(%Authorization{} = auth, params) do
+ auth
+ |> cast(params, [:used])
+ |> validate_required([:used])
+ end
+
+ @spec use_token(Authorization.t()) ::
+ {:ok, Authorization.t()} | {:error, Changeset.t()} | {:error, String.t()}
+ def use_token(%Authorization{used: false, valid_until: valid_until} = auth) do
+ if NaiveDateTime.diff(NaiveDateTime.utc_now(), valid_until) < 0 do
+ Repo.update(use_changeset(auth, %{used: true}))
+ else
+ {:error, "token expired"}
+ end
+ end
+
+ def use_token(%Authorization{used: true}), do: {:error, "already used"}
+
+ @spec delete_user_authorizations(User.t()) :: {integer(), any()}
+ def delete_user_authorizations(%User{} = user) do
+ user
+ |> delete_by_user_query
+ |> Repo.delete_all()
+ end
+
+ def delete_by_user_query(%User{id: user_id}) do
+ from(a in __MODULE__, where: a.user_id == ^user_id)
+ end