I am pretty new to Phoenix Authentication and would just like to ask what packages/combination you guys are usually using for…
1.) Basic auth - username/email, password authentication. I saw here some examples, but I would like to have more than 1 user in config. Like a system with email/pass entries in DB?
2.) More sophisticated auth - like OAuth2 (providers like github, fb,…)
3.) API authentication
I would really appreciate some suggestions here. Currently mostly need no. 1, but suggestions for 2 and 3 are more than welcome.
I am not using basic auth, but if I should, I would probably use a homemade solution, storing auth info into session. As I would do for a Rails application.
Please note also Guardian that might be useful in some scenario.
I have been using phauxth in a new project and it is the best I have used IMHO, integrates easy, very simple to understand/extend. I also have used guardian which is good, and coherence which is also good, but more “full featured” and a bit more rigid than I like. I am planning to write a blog series on the very topic, however been caught up with work lately - first post is here though if you want to check it out (shameless plug) phoenix auth part one
So far I’ve only used HTTP Basic auth via simple webserver (Hiawatha) configuration in a file for an API, which allows for differing usernames and passwords to be set.
As a beginner needing to add authentication in-app soonish I’m looking forward to your posts, especially on using Phauxth. I’ve subscribed to your blog. Congratulations on your new arrival.
Hi guys… I’ve tried this “phauxth” package/project and it looks really good. I tried and run it… and first impressions are that this is exactly what I needed for “basic” username/password authentication.
I got some time today so I wrote that post for you. Hope it helps. Let me know if you need anything else clarified. Here is the post: Part Two - Phauxth
Over the past 2 months I’ve switched entirely over to https://github.com/maxneuvians/idq_auth because you don’t have to worry about storing passwords and password resets and because it’s pretty much copy and paste to get authentication going.
Disclaimer: I work for the company building the idQ TaaS service.
As I don’t need Oauth, I don’t use Ueberauth. I have rolled my own, one for session based auth, and one for token based auth. It has been working for web client, spa client, and mobile client as well.
If You don’t feel confident in rolling your own, I would advise to look at those 2 librairies