Add reset password store config

CHANGELOG.md

@@ -2,6 +2,7 @@
 
 ## v1.0.12 (TBA)
 
+* Added `:reset_password_token_store` configuration setting
 * To prevent timing attacks, `Pow.Ecto.Context.authenticate/2` now verifies password on a blank user struct when no user can be found for the provided user id, but will always return nil. The blank user struct has a nil `:password_hash` value. The struct will be passed along with a blank password to the `verify_password/2` method in the user schema module.
 * To prevent timing attacks, when `Pow.Ecto.Schema.Changeset.verify_password/3` receives a struct with a nil `:password_hash` value, it'll hash a blank password, but always return false.
 * To prevent timing attacks, the UUID is always generated in `PowResetPassword.Plug.create_reset_token/2` whether the user exists or not.

lib/extensions/persistent_session/plug/base.ex

@@ -7,11 +7,13 @@ defmodule PowPersistentSession.Plug.Base do
   ## Configuration options
 
     * `:persistent_session_store` - the persistent session store. This value
-      defaults to `{PersistentSessionCache, backend: EtsCache}`. The `EtsCache`
-      backend store can be changed with the `:cache_store_backend` option.
+      defaults to
+      `{PowPersistentSession.Store.PersistentSessionCache, backend: Pow.Store.Backend.EtsCache}`.
+      The `Pow.Store.Backend.EtsCache` backend store can be changed with the
+      `:cache_store_backend` option.
 
     * `:cache_store_backend` - the backend cache store. This value defaults to
-      `EtsCache`.
+      `Pow.Store.Backend.EtsCache`.
 
     * `:persistent_session_ttl` - integer value in milliseconds for TTL of
       persistent session in the backend store. This defaults to 30 days in

lib/extensions/reset_password/plug.ex

@@ -38,6 +38,12 @@ defmodule PowResetPassword.Plug do
 
   To prevent timing attacks, `Pow.UUID.generate/0` is called whether the user
   exists or not.
+
+  `:reset_password_token_store` can be passed in the config for the conn. This
+  value defaults to
+  `{PowResetPassword.Store.ResetTokenCache, backend: Pow.Store.Backend.EtsCache}`.
+  The `Pow.Store.Backend.EtsCache` backend store can be changed with the
+  `:cache_store_backend` option.
   """
   @spec create_reset_token(Conn.t(), map()) :: {:ok, map(), Conn.t()} | {:error, map(), Conn.t()}
   def create_reset_token(conn, params) do
@@ -48,7 +54,7 @@ defmodule PowResetPassword.Plug do
       |> Map.get("email")
       |> ResetPasswordContext.get_by_email(config)
 
-      maybe_store_reset_token(conn, user, token, config)
+    maybe_store_reset_token(conn, user, token, config)
   end
 
   defp maybe_store_reset_token(conn, nil, _token, _config) do
@@ -65,6 +71,9 @@ defmodule PowResetPassword.Plug do
 
   @doc """
   Fetches user from the store by the provided token.
+
+  See `create_reset_token/2` for more on `:reset_password_token_store` config
+  option.
   """
   @spec user_from_token(Conn.t(), binary()) :: map() | nil
   def user_from_token(conn, token) do
@@ -83,6 +92,9 @@ defmodule PowResetPassword.Plug do
 
   @doc """
   Updates the password for the user fetched in the connection.
+
+  See `create_reset_token/2` for more on `:reset_password_token_store` config
+  option.
   """
   @spec update_user_password(Conn.t(), map()) :: {:ok, map(), Conn.t()} | {:error, map(), Conn.t()}
   def update_user_password(conn, params) do
@@ -114,6 +126,13 @@ defmodule PowResetPassword.Plug do
   end
 
   defp store(config) do
+    case Config.get(config, :reset_password_token_store, default_store(config)) do
+      {store, store_config} -> {store, store_config}
+      store                 -> {store, []}
+    end
+  end
+
+  defp default_store(config) do
     backend = Config.get(config, :cache_store_backend, EtsCache)
 
     {ResetTokenCache, [backend: backend]}

lib/pow/plug/session.ex

@@ -27,11 +27,12 @@ defmodule Pow.Plug.Session do
       used it'll automatically prepend the key with the `:otp_app` value.
 
     * `:session_store` - the credentials cache store. This value defaults to
-      `{CredentialsCache, backend: EtsCache}`. The `EtsCache` backend store
-      can be changed with the `:cache_store_backend` option.
+      `{Pow.Store.CredentialsCache, backend: Pow.Store.Backend.EtsCache}`. The
+      `Pow.Store.Backend.EtsCache` backend store can be changed with the
+      `:cache_store_backend` option.
 
     * `:cache_store_backend` - the backend cache store. This value defaults to
-      `EtsCache`.
+      `Pow.Store.Backend.EtsCache`.
 
     * `:session_ttl_renewal` - the ttl in milliseconds to trigger renewal of
       sessions. Defaults to 15 minutes in miliseconds.