Edit error messages for Identity

Problem I have a User resource with an email identity constraint:

defmodule MyApp.Accounts.User do
  use Ash.Resource

  identities do
    identity :unique_email, [:email]
  end

  actions do
    update :update_profile do
      accept [:email]
      validate present([:email])
    end
  end
end

defmodule MyApp.Accounts.User do
  use Ash.Resource

  identities do
    identity :unique_email, [:email]
  end

  actions do
    update :update_profile do
      accept [:email]
      validate present([:email])
    end
  end
end

When a user tries to update their email to one that already exists, Ash returns "has already been taken" which creates a username enumeration security vulnerability, since I'm using an ash form I can figure out how to override this error to show something else, e.g.: "Your change cannot be made at this time, please contact support." What I've Tried I attempted to use after_action to catch and transform the error but seems kind of ugly and I'm convinced there is a more elegant solution

change fn changeset, _context ->
  Ash.Changeset.after_action(changeset, fn _changeset, result ->
    case result do
      {:error, error} ->
        # Try to transform "already been taken" errors
        # ... transformation logic here
      other -> other
    end
  end)
end

change fn changeset, _context ->
  Ash.Changeset.after_action(changeset, fn _changeset, result ->
    case result do
      {:error, error} ->
        # Try to transform "already been taken" errors
        # ... transformation logic here
      other -> other
    end
  end)
end

Any guidance on the proper Ash pattern for this would be greatly appreciated!

2 Replies

sevenseacat•4w ago

you can use the message option to the identity https://hexdocs.pm/ash/dsl-ash-resource.html#identities-identity

ajst7lesOP•4w ago

thank you !!

Gaming

Programming

Edit error messages for Identity

Did you find this page helpful?