lcabrini

lcabrini

How to create accounts without self-registration?

I’m fairly new to both Elixir and Phoenix, although I have quite a bit of experience with other languages and frameworks and I’m usually able to figure things out.

I’m working with Phoenix 1.7, liveview and gen.auth. I don’t want users to be able to register. Instead, when you staff members join, an administrator would set up user accounts for them. I would have thought this would be a farily common use case, but maybe I’m wrong, because I haven’t found much searching.

I get that I can remove/comment out the registration endpoint. And I need to create endpoints for an admin to manage users. What I’m now sure about is how to go about the confirmation. Looking at the code, removing confirmed_at from the model doesn’t seem like the right way forward. Or is it?

I’m guessing somebody else has been in the same situation and solved it. How did you go about it? What would be the most straight-forward way to disable self-registration and not require user confirmation?

Most Liked

sodapopcan

sodapopcan

Hello and welcome!

phx_gen_auth is meant to give you the bare-minimum needed to get going with auth. If you are looking for more fully-featured auth, you can look at Pow although its LiveView support isn’t all there yet but it’s coming.

Otherwise, I recently did what you’re describing in phx_gen_auth by repurposing the reset password form and the confirmation token. I did the following:

  • Removed the registration form and anything related to it
  • Added a user creation form to my admin area which:
    • sets a long random password with :crypto.strong_rand_bytes/1
    • sends the user their confirmation email with the token link
  • Changed the confirmation page to display the reset password form and only mark the user as confirmed when they have set their new password.
  • Ensure users can’t login until they have been confirmed (this is not done by default by the generator)

One gotcha is that if you are generated auth using LiveView and you want to auto-login the user after they have set their new password, the confirmation page should use a controller, not a LiveView. This is because you can’t set session data over websockets.

I know other people around here have done something similar approaches if you search around. If you choose to go this route then I’d be happy to try and answer any questions!

LostKobrakai

LostKobrakai

Yeah. If the invitation already works via email, then another confirmation is not needed. But that’s not always the case for systems, where “admins” create accounts.

Edit: Even in the former case you still want to retain the fact that confirmation happened.

LostKobrakai

LostKobrakai

I’d also add that it’s not meant to be the end of it all. It’s meant to give you a staring point and you can customize from there.

As for the confirmation. I’d still keep confirmation logic around. Doesn’t hurt to confirm that whomever owns the email is actually the intended person to be invited.

Where Next?

Popular in Questions Top

aadeshere1
I have a another noob question about loop. Since elixir is immutable, while loop is not directly possible. total = 10 while total != 0 ...
New
Patoshizzle
After calling mix ecto.create I get this error: 17:00:32.162 [error] GenServer #PID<0.412.0> terminating ** (Postgrex.Error) FATAL...
New
electic
Hi, I am new to Elixir. I am trying to use the DateTime component to insert a date into MySQL however the there seems to be no way to fo...
New
minhajuddin
I have seen a lot of code which picks the first element from a list using Enum.at(0) instead of List.first. Is there a reason why people ...
New
earth10
Hi, I’m just starting to build a side-project with Elixir and Phoenix and doing some basic test with Elixir alone. What strikes me is th...
New
hariharasudhan94
lets say i have a sample like a = 20; b = 10; if (a > b) do {:ok, "a"} end if (a < b) do {:ok, b} end if (a == b) do {:ok, "equa...
New
beno
I will often find my self writing things similar to: case some_value do nil -> something() "" -> something() _ -> somethi...
New
vrod
I am using the Starship cross-shell prompt – it seems pretty nice, but I get some errors: [WARN] - (starship::utils): Executing command ...
New
fayddelight
I tried installing elixir 1.11.2 erlang 23.3.4 via asdf in my zsh shell. Enabled the versions locally and globally. When I list them ...
New
jason.o
In the code below, if the create action is not set to accept “extra_key” as an input, it errors out with a message shown above. Is there ...
New

Other popular topics Top

JakeBecker
TL;DR: I’ve just released an implementation of Microsoft’s IDE-independent Language Server Protocol for Elixir. It adds language support ...
1144 53690 245
New
jerry
Good day to you all. I have been struggling to get a query involving like and ilike to work. Can anyone assist me on this, please? pro...
New
stefanluptak
Hello everybody, usually, I use a 29" ultra-wide monitor for VSCode which can easily accomodate explorer (files panel) + file with code ...
New
Qqwy
Original source of discussion: This topic on the Pragmatic Programmers’ Functional Web Development with Elixir, OTP, and Phoenix forum. ...
New
AstonJ
Please see the new poll here: Which code editor or IDE do you use? (Poll) (2022 Edition) It’s been a while since we first asked this, I...
208 31142 143
New
jason.o
In the code below, if the create action is not set to accept “extra_key” as an input, it errors out with a message shown above. Is there ...
New
dblack
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar. I p...
New
rms.mrcs
Hi, I need to transform a list of numbers into a map where the keys are the indexes and the values are the original values of the list. ...
New
shijith.k
I am trying to start a new phoenix project with elixir 1.9, but mix phx.new does not work. It says that ** (Mix) The task "phx.new" could...
New
dogweather
I wrote this comment on r/haskell, and it’s not popular there. :wink: But I think I’m on to something… Haskell reminds me of Java, and e...
New

We're in Beta

About us Mission Statement