How To Externalize User Authentication Within Phoenix?

Can someone with current experience suggest a path on how to get started externalizing user authentication within Phoenix? I would like to give my users the ability to register/sign-in using Google, Facebook, etc.

Further, if I integrate with enough external providers, I assume that means I could (potentially?) forego entirely the responsibility of storing/managing users’ passwords. Is that a reasonable assumption?

There is a lot of information about this topic, but most of it seems dated… and the Elixir/Phoenix world moves quickly. I’d like to avoid starting on a dead-end path :).

Thanks in advance!

1 Like

If you use something like oauth, yes, probably. But you might need to store some tokens (like access token) returned by these providers.

I think there is a client library for oauth: ueberauth/oauth2 on GitHub (“An Elixir OAuth 2.0 Client Library”). Maybe you could use that.

1 Like

You can use ueberauth - they have strategies for many providers and you can extend it with your own. Using a strategy for text passwords is supported but not required so yes, you can get away with not storing any passwords.

2 Likes

A cool path I recently tried myself is passwordless authentication using magic links. It’s a very easy-to-do solution too.

I would also say one is enough. With the one I mentioned, for example, all the user needs is an email, and since users are mostly expecting you to ask them for their email anyway, that’s OK. The downside would be that some users might not like having to open an email to log in, and it will generate some churn for you. But that’s life. 🤷‍♂️

1 Like
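An added example, not part of any post in this thread: one way to handle the tokens behind the magic links described above, where the link carries a random token and only its SHA-256 hash is stored, with a short expiry and single use. The `MagicLink` module, its function names, the in-memory map standing in for a database table, and the `app.example` URL are all hypothetical; sending the email is left out.

```elixir
defmodule MagicLink do
  # Hypothetical module for illustration. `store` is a plain map standing in
  # for a database table keyed by the token hash.
  @ttl_seconds 15 * 60

  # Returns {url_token, store}. Only the SHA-256 of the token is stored, so a
  # leaked table cannot be turned back into working login links.
  def issue(store, email, now \\ System.system_time(:second)) do
    raw = :crypto.strong_rand_bytes(32)
    hashed = :crypto.hash(:sha256, raw)
    {Base.url_encode64(raw, padding: false), Map.put(store, hashed, {email, now + @ttl_seconds})}
  end

  # Returns {result, store}. A matching entry is removed on every lookup,
  # whether it is still valid or expired, so a link works at most once.
  def redeem(store, url_token, now \\ System.system_time(:second)) do
    case Base.url_decode64(url_token, padding: false) do
      {:ok, raw} ->
        case Map.pop(store, :crypto.hash(:sha256, raw)) do
          {nil, store} -> {{:error, :invalid}, store}
          {{_email, expires_at}, store} when expires_at < now -> {{:error, :expired}, store}
          {{email, _expires_at}, store} -> {{:ok, email}, store}
        end

      :error ->
        {{:error, :invalid}, store}
    end
  end
end

# Constructed demo: the pattern matches below fail loudly if behaviour differs.
{token, store} = MagicLink.issue(%{}, "user@example.com", 1_000)
IO.puts("Link to email: https://app.example/login/#{token}")

# First use within the TTL signs the user in; a replay of the same link fails.
{{:ok, "user@example.com"}, store} = MagicLink.redeem(store, token, 1_060)
{{:error, :invalid}, _store} = MagicLink.redeem(store, token, 1_061)

# A link redeemed after the 15-minute window is rejected.
{late, store2} = MagicLink.issue(%{}, "user@example.com", 1_000)
{{:error, :expired}, _store2} = MagicLink.redeem(store2, late, 1_000 + 15 * 60 + 1)

# Malformed input never reaches the store lookup.
{{:error, :invalid}, _} = MagicLink.redeem(%{}, "not base64 !!", 1_000)
```
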

One of my favorites :). Best passwords are no passwords.

There is also auth0 that does integrate with Elixir & Phoenix pretty neatly: Elixir & Phoenix Tutorial: Build an Authenticated App (I have tried that in one of the projects and it works as advertised).

1 Like

Never heard of auth0 before. I will definitely give it a try soon. 🙂