A simple, secure, and highly configurable Elixir identity [username | email | id | etc.]/password authentication module to use with Map compatible data structures (e.g. Ecto).
Aeacus only performs authentication, making it well suited for integration with session storage or a token system, like Guardian or Phoenix Tokens. For convenience, authenticate/2 & authenticate_resource/3 are delegated from Aeacus (Aeacus.authenticate(...)).
Aeacus.hashpwsalt/1 delegates to the underlying crypto system to salt and hash a password.
Ecto is required only if you wish to use Aeacus.authenticate/2; if using Aeacus.authenticate_resource/3, Ecto is not required.
Aeacus requires that you have a Map compatible data structure (e.g. an Ecto Model) that has a UNIQUE(identity_field) and a password_field. These fields can be configured to easily match your schema, whether it be username, email, or pass, password, hash, hashed_password, etc. Of course, the passwords must be stored using the same crypto system as Aeacus. The password should be salted and hashed; plaintext is heavily discouraged. See the tests for examples.
You must set the :repo and :model for Aeacus. The other options have sane defaults.
config :aeacus, Aeacus,
  repo: MyApp.Repo,
  model: MyApp.User,
  # Optional. The following are the default options.
  crypto: Comeonin.Pbkdf2,
  identity_field: :email,
  password_field: :hashed_password,
  error_message: "Invalid identity or password."
Aeacus.authenticate expects a Map with keys :identity and :password. Alternatively, Aeacus.authenticate_resource can be used if a resource is already loaded.
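defmodule MyApp.SessionController do
  def create(conn, params) do
    case Aeacus.authenticate %{identity: params[:email], password: params[:pass]} do
      # Placeholder: issue a token or set the session cookie for `user` here.
      {:ok, user} -> CreateTokenOrCookie
      # Placeholder: re-render the login screen with `message` here.
      {:error, message} -> DisplayAuthenticationScreenAgain
    end
  end
end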
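
The flow described above (configurable identity and password fields on any Map compatible data, salted hashing, one error message for every failure), sketched on plain maps as an added example; it is not Aeacus's own code and does not call Aeacus or Comeonin. The `AuthSketch` module, its `salt$hash` storage format, the iteration count and the sample users are assumptions made for illustration.

```elixir
defmodule AuthSketch do
  # Hypothetical module, not Aeacus code. Needs OTP 24.2+ for :crypto.pbkdf2_hmac/5.
  @defaults %{identity_field: :email, password_field: :hashed_password,
              error_message: "Invalid identity or password."}
  @iterations 160_000 # assumed work factor for this sketch
  # Well-formed "salt$hash" value checked when no resource matches (never a real hash).
  @dummy Base.encode64(<<0::128>>) <> "$" <> Base.encode64(<<0::256>>)

  # Salt and hash a password; the "salt$hash" storage format is constructed for this sketch.
  def hashpwsalt(password) do
    salt = :crypto.strong_rand_bytes(16)
    Base.encode64(salt) <> "$" <> Base.encode64(derive(password, salt))
  end

  # `resources` is any list of maps or structs; `opts` overrides the defaults.
  def authenticate(resources, %{identity: id, password: pass}, opts \\ %{}) do
    cfg = Map.merge(@defaults, opts)
    resource = Enum.find(resources, &(Map.get(&1, cfg.identity_field) == id))
    stored = (resource && Map.get(resource, cfg.password_field)) || @dummy
    # The KDF always runs, so an unknown identity costs the same as a wrong password.
    if check(pass, stored) and resource != nil,
      do: {:ok, resource},
      else: {:error, cfg.error_message}
  end

  defp check(password, stored) do
    with [salt64, hash64] <- String.split(stored, "$"),
         {:ok, salt} <- Base.decode64(salt64),
         {:ok, expected} <- Base.decode64(hash64) do
      secure_equal?(derive(password, salt), expected)
    else
      _ -> false
    end
  end

  defp derive(password, salt),
    do: :crypto.pbkdf2_hmac(:sha512, password, salt, @iterations, 32)

  # Compare without exiting at the first differing byte.
  defp secure_equal?(a, b) when byte_size(a) == byte_size(b) do
    diff = Enum.zip(:binary.bin_to_list(a), :binary.bin_to_list(b))
           |> Enum.reduce(0, fn {x, y}, acc -> Bitwise.bor(acc, Bitwise.bxor(x, y)) end)
    diff == 0
  end
  defp secure_equal?(_, _), do: false
end
# Constructed sample data: plain maps with a non-default schema, no Ecto involved.
users = [%{username: "alice", hash: AuthSketch.hashpwsalt("correct horse")}]
opts = %{identity_field: :username, password_field: :hash}
{:ok, %{username: "alice"}} = AuthSketch.authenticate(users, %{identity: "alice", password: "correct horse"}, opts)
{:error, msg} = AuthSketch.authenticate(users, %{identity: "alice", password: "wrong"}, opts)
{:error, ^msg} = AuthSketch.authenticate(users, %{identity: "mallory", password: "wrong"}, opts)
```

The last two matches show that a wrong password and an unknown identity yield the same message, so the response does not reveal which identities exist.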