1c8f138c67
Highlights: * Replaced `AshAuthentication.Provider` with the much more flexible `AshAuthentication.Strategy`. * Moved strategies to within the `authentication` DSL using entities and removed excess extensions. * Added a lot more documentation and test coverage. |
||
|---|---|---|
| .devcontainer | ||
| .github | ||
| config | ||
| dev | ||
| lib | ||
| priv | ||
| test | ||
| .doctor.exs | ||
| .formatter.exs | ||
| .gitignore | ||
| .tool-versions | ||
| CHANGELOG.md | ||
| LICENSE | ||
| mix.exs | ||
| mix.lock | ||
| README.md | ||
AshAuthentication
AshAuthentication provides drop-in support for user authentication for users of the Ash framework. It is designed to be highly configurable, with sensible defaults covering the most common use-cases.
Installation
The package can be installed by adding ash_authentication to your list of
dependencies in mix.exs:
def deps do
[
{:ash_authentication, "~> 1.0.0"}
]
end
Usage
This package assumes that you have Ash installed and configured. See the Ash documentation for details.
Once installed you can easily add support for authentication by adding the
AshAuthentication extension to your resource:
defmodule MyApp.Accounts.User do
use Ash.Resource,
extensions: [AshAuthentication]
attributes do
uuid_primary_key :id
attribute :email, :ci_string, allow_nil?: false
attribute :hashed_password, :string, allow_nil?: false, sensitive?: true
end
authentication do
api MyApp.Accounts
strategies do
password do
identity_field :email
hashed_password_field :hashed_password
end
end
end
identities do
identity :unique_email, [:email]
end
end
If you plan on providing authentication via the web, then you will need to
define a plug using
AshAuthentication.Plug
which builds a Plug.Router that
routes incoming authentication requests to the correct provider and provides
callbacks for you to manipulate the conn after success or failure.
If you're using AshAuthentication with Phoenix, then check out
ash_authentication_phoenix
which provides route helpers, a controller abstraction and LiveView components
for easy set up.
Authentication Strategies
Currently supported strategies:
AshAuthentication.Strategy.Password- authenticate users against your local database using a unique identity (such as username or email address) and a password.
AshAuthentication.Strategy.OAuth2- authenticate using local or remote OAuth 2.0 compatible services.
Documentation
Documentation for the latest release will be available on
hexdocs and for the main
branch.
Additional support can be found on the GitHub discussions page and the Ash Discord.
Contributing
- To contribute updates, fixes or new features please fork and open a
pull-request against
main. - Please use conventional commits - this allows us to dynamically generate the changelog.
- Feel free to ask any questions on out GitHub discussions page.
Licence
AshAuthentication is licensed under the terms of the MIT
license. See the LICENSE file in this
repository
for details.