Magic Auth - An Phoenix Authentication Library Designed for Effortless Setup 🚀

Hey everyone! :wave:

I’m excited to share a new library with you all: Magic Auth! It’s an authentication library for Phoenix projects that aims to make your life as a developer easier by offering an authentication solution with minimal setup effort.

Why I Built Magic Auth

While phx.gen.auth is amazing, it can require a significant amount of time to implement all the necessary flows, such as password resets, recovery screens, and UI customization. Magic Auth is designed to simplify authentication, requiring virtually the same minimal effort as implementing a BASIC HTTP authentication flow, but with much more power!

What Magic Auth Brings to the Table

Here’s a quick rundown of the key features:

• Ship Faster :rocket:: No time wasted configuring password resets and recovery flows—just implement and ship your product.

• Passwordless Authentication :incoming_envelope:: Secure login process through one-time passwords sent via email. One-time passwords are better than magic links because users can receive the code on one device (e.g., phone email) and enter it on another (e.g., desktop browser).

• Enhanced Security :lock:: Protect your application from brute force attacks with built-in rate limiting and account lockout mechanisms.

• Customizable Interface :art:: Use the beautiful default UI components out of the box, or customize them fully to match your design perfectly.

• Effortless Configuration and Comprehensive Documentation :books:: Quick and simple integration with your Phoenix project, with detailed guides and references to assist you through every step of the integration process.

• Schema Agnostic :bust_in_silhouette:: Implement authentication without requiring a user schema—ideal for everything from MVPs to complex applications.

Why This Matters

I’m deeply passionate about making the Elixir/Phoenix ecosystem the go-to choice for building MVPs and startups. I truly believe Elixir and Phoenix have unmatched potential for speed, scalability, and developer happiness.

Authentication can often be a roadblock, especially when you’re moving fast to validate ideas or launch a product. Magic Auth removes that friction so you can spend less time on boilerplate and more time building something awesome.

Check out Magic Auth on GitHub: GitHub - gushonorato/magic_auth: An Elixir authentication library designed for effortless setup.. Give it a try, and let me know your thoughts! Your feedback can help shape Magic Auth into an even better tool for the community.

Let’s make the Elixir/Phoenix ecosystem the best place to build startups and MVPs.

Cheers,
Gustavo

P.S. Feel free to ask questions or share your thoughts. I’d love to hear how Magic Auth can help your projects! :blush:

33 Likes

Will this support totp in the future where i can setup a phone or passkey for auth? Looks amazing btw.

3 Likes

Thank you for your feedback! I believe that with just a few modifications, I can add support for sending TOTP to a phone instead of email. Could you please open an issue on GitHub describing your use case?

6 Likes

Did so, and seriously great work!

2 Likes

Very impressed with the quality of your code, comments and documentation. Thank you!

2 Likes

Amazing! Magic auth is exactly what i imagined the perfect auth library to be.

Thanks for your great work!

1 Like

[Release] Version 0.1.1 – Important Security Fix

Hello everyone,

We’ve just released version 0.1.1, and we strongly recommend updating to this latest version as it includes a critical security fix.

[0.1.1] - 2025-01-29

Fixed

  • One-time passwords are not being deleted after verified, allowing them to be reused multiple times until they expire.

Please update as soon as possible and let us know if you have any feedback! :rocket:

Thanks for your support!

3 Likes

Great work. Congratulations and Thank you.
Do you have any guide about using Magic Auth without liveview?
I wan’t to use Magic Auth with phoenix controllers and (dead) views. Please advise.

2 Likes

Hey! Unfortunately, Magic Auth does require LiveView. However, adding support for “dead views only projects” isn’t too difficult. Could you please open an issue on GitHub so we can continue the discussion there? If possible, provide details about your use case in the issue.

1 Like