# frozen_string_literal: true module Maquina class User < ApplicationRecord include Maquina::Searchable include Maquina::RetainPasswords include Maquina::AuthenticateBy include Maquina::Blockeable include Maquina::Multifactor PASSWORD_COMPLEXITY_REGEX = /\A(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&#-=+])[A-Za-z\d@$!%*?&#-=+]{8,}\z/ has_secure_password validates :email, presence: true, uniqueness: true, format: {with: URI::MailTo::EMAIL_REGEXP} validates :password, format: {with: PASSWORD_COMPLEXITY_REGEX}, unless: ->(user) { user.password.blank? } before_save :downcase_email search_scope(fields: [:email]) def expired_password? return false if password_expires_at.blank? password_expires_at < Time.zone.now end private def downcase_email self.email = email.downcase end end end