@danschultzer Would Pow play well with multi-tenancy via Triplex in an Umbrella app? Just putting these terms together is giving me a headache
I can see that the setup for an Umbrella app is fairly similar except that the Ecto installation is done in a Repo app (assuming your Umbrella app is configured that way). But would setting the tenant dynamically have any impact on Pows config? Any gotchas I should be aware of?
Yeah, I think a custom reset password controller will be the easiest to work with in this case.
I had to read up a bit on this, since Iām not familiar with Triplex or have built multi-tenant apps. You can feed the configuration dynamically so you should be able to go most of the way. Maybe it just requires that repo opts can be propagated from the config.
If you donāt mind, then I would love to discuss this in an issue on github and come up with a solution for what you need. This is definitely a good use case for Pow.
@danschultzer - thanks for writing Pow. I have been thinking of using Pow going forward instead of my hand rolled user auth setup, and have some extensions in mind already.
When playing with Pow this morning on a fresh umbrella app, I found the current umbrella instructions just a little confusing for the configuration:
Use :my_app_web instead of :my_app
I dont believe that phx creates a :my_app_web application anywhere, umbrella or not??
Anyway I documented all the steps of creating a basic umbrella app for use with Pow and pushed up an example repo. Feel free to rip walkthrough the instructions out of the README and add to the Pow repo if you wish.
Ohh I gotcha. It is referring to whatever the otp name is of the Phoenix umbrella child app you want to configure - @abitdodgy which can be any name you choose.
Thanks for clearing that up.
Side note if you did create an Phoenix umbrella child app named my_app_web you would end up with a confusing automated folder structure of:
The assumption was that the mix phx.new --umbrella task was used to create the umbrella phoenix app. Iāve updated the guide to clarify this. You are correct that itās not true if you are setting it up the apps individually. Thanks!
If youāre using Phoenix, then it would most likely still be _web, but thatās only because of how the Phoenix generators sets up the apps.
I encountered a slight issue when following the guide, sorry for the late report.
Please see all the details in the comment I just made on your commit here.
While the lock_users guide works fine, I found that the default session_controller wonāt use the EnsureNotLockedUser plug when creating a new session.
Well, it is true that adding the guide plug before any route of the app will do the job, but do you recommend using it like that ?
Anyway Iām trying to use a custom session_controller but I find the process a bit complexā¦
Here is all Iāve read in the docs about it:
The registration and session controllers can be changed with your customized versions too, but since the routes are built on compile time, youāll have to set them up in router.ex with :pow namespace. For minor pre/post-processing of requests, you can use the :controller_callbacks option. It exists to make it easier to modify flow with extensions (e.g., send a confirmation email upon user registration).
So I have a few questions.
For custom controllers, is there a way to use the coresponding default controller view and templates?
Is just setting up custom controllers in router.ex with :pow namespace will be sufficient for all to work? (I seem to get some errors about view module not foundā¦)
Is using some custom controller, means that we have to update configuration with routes_backend: MyAppWeb.Pow.Routes?
Will it be possible to make for noobs some quick guide on a very basic custom controller ?
The ideal setup is that you take full control of the flow rather than depending on Pow. Trying to hack Pow.Phoenix will become pretty complicated and obfuscate what actually goes on. I recommend just using the Pow.Plug methods/modules instead. This way youāll keep your code explicit and easy to understand. You wonāt need the routes backend, or ensure router namespace, etc.
However, the controller callbacks can be used as an alternative if itās only some light changes in the flow. It depends. What is it you want to change?
I was thinking about a way to prevent users from receiving password reset link if their account is locked. Since in this case they wonāt be authenticated (they will only provide an email), the EnsureNotLockedUser plug wonāt work here, right ?
So I will have to change a bit the reset_password extension controller.
Thank you, I will take a look at the guide. I didnāt notice it before. ^^
Good call! You are right, the plug will only work when users have authenticated. Iāll update the guide with a section on this. This can be handled with a custom controller callback, but Iāll think it through and see if thereās a more explicit way of handling it.
This library is great. Even noob me managed to get it up and working on my project with little trouble. I do have a dumb question though.
I am trying to change the user_id_field from :email to a custom field in the DB (:staffid) I have the schema and everything set up properly and I can access the data from that field through the Pow.Plug. I keep seeing in the readme that the user_id_field can be changed in the config, I just canāt figure out where exactly to do that.
Any help would be very much appreciated!