danschultzer

danschultzer

Pow Core Team

PowAssent: Instant multi-provider support for Pow

Multi-provider support for Pow with out-of-the-box support for many providers. I finally got a 0.1.0 release up today, and I hope some of you will find it useful :smile:

Please let me know if there’s anything that can be improved in the docs or with features. Thanks!

https://github.com/danschultzer/pow_assent
https://hexdocs.pm/pow_assent/

Pow thread: Pow - Robust, modular, extendable user authentication and management system

PowAssent details

Base strategies

  • OAuth 1.0
  • OAuth 2.0

Strategies

  • Azure AD
  • Basecamp
  • Discord
  • Facebook
  • Github
  • Google
  • Instagram
  • Slack
  • Twitter
  • VK

Few dependencies

PowAssent has nearly no dependencies. :httpc is used as the default HTTP client with built-in SSL validation!

Mint can be added for HTTP/2 support.

Can PowAssent be used without Pow?

Yes! You can use any strategy directly:

config = [
  client_id: "REPLACE_WITH_CLIENT_ID",
  client_secret: "REPLACE_WITH_CLIENT_SECRET",
]

{:ok, %{conn: conn, url: url}} = PowAssent.Strategy.Github.authorize_url(config, conn)

case PowAssent.Strategy.Github.callback(config, conn, params) do
  {:ok, %{conn: conn, user: user}} -> # …
  {:error, reason} -> # …
end

I’ve been using this technique for a lean super admin login.

What about Ueberauth?

You can use Ueberauth with Pow, or add a custom strategy that uses Ueberauth underneath!

However, most strategies uses the OAuth protocols, and it’s much easier to just add your custom strategy. It takes no time to set up. Pull requests are welcome!

A big difference from Ueberauth is that PowAssent is self contained. Strategies are built-in and consists of very little code. They rely on base strategies like OAuth or OAuth2 to do the heavy lifting. All strategies are consistent, and e.g. switching out underlying HTTP client or JSON library is no problem. Unfortunately with Ueberauth you’ll have several different dependencies that each handle things differently. This may also cause dependency conflicts.

Adding a custom strategy

Provider support is super easy. You just need to write one (tiny) module:

defmodule MyApp.CustomStrategy do
  use PowAssent.Strategy.OAuth2

  def default_config(_config) do
    [
      site: "https://api.example.com",
      user_url: "/authorization.json"
    ]
  end

  def normalize(_config, user) do
    %{
      "uid"   => user["id"],
      "name"  => user["name"],
      "email" => user["email"]
    }
  end
end

And then add it to your providers:

config :my_app, :pow_assent,
  providers: [
    custom_strategy: [
      client_id: "REPLACE_WITH_CLIENT_ID",
      client_secret: "REPLACE_WITH_CLIENT_SECRET",
      strategy: MyApp.CustomStrategy
    ]
  ]

Happy coding :rocket:

Most Liked

danschultzer

danschultzer

Pow Core Team

Pow 0.2.0 released

Changelog: Github
Hex: pow_assent | Hex

This release contains several breaking changes. The plug methods and controllers have been streamlined so they are much easier to work with. However, you don’t need to change a thing unless you’ve a very customized 0.1.0 setup.

Removed Plug.Conn from strategies

Strategies no longer uses plug conn param. Now you only have to pass configuration and params. This means that PowAssent strategies can be used in any context with no expectation for any dependency!

PowInvitation

Support for the new PowInvitation extension in Pow 1.0.3!

It’s plug n’ play. Zero configuration.

danschultzer

danschultzer

Pow Core Team

Thanks! It’s in the readme, but it’s kind of hidden towards the end: GitHub - pow-auth/pow: Robust, modular, and extendable user authentication system · GitHub

Maybe it would be better with a reference to it in the Extensions section.

danschultzer

danschultzer

Pow Core Team

You’re right, the user identity is never updated, only created or deleted. When there’s a match for :provider and :uid, the user will just be authenticated. I’m not sure what the solution should be, so I’ve just opened an issue on github I’ll give this some thought.

Where Next?

Popular in Announcing Top

danschultzer
In short Plug n’ play OAuth 2.0 provider library. Just set up a resource owner schema with Ecto (your user schema), install the dependen...
New
mischov
import Meeseeks.CSS html = HTTPoison.get!("https://news.ycombinator.com/").body for story <- Meeseeks.all(html, css("tr.athing")) do...
New
ostinelli
Let’s write a database! Well not really, but I think it’s a little sad that there doesn’t seem to be a simple in-memory distributed KV da...
New
msaraiva
Surface is an experimental library built on top of Phoenix LiveView and its new LiveComponent API that aims to provide a more declarative...
564 43622 214
New
Eiji
ExApi is a library that I’m developing now and hope release soon This library will allow to: list all apis list all api implementation...
New
bluzky
You may know https://ui.shadcn.com/, a UI component library for React. I really love it’s design style and components. I’ve built some co...
384 13736 119
New
Flo0807
Hello everyone! I am excited to share our heart project Backpex with you. After building several Phoenix applications, we realized that...
New
OvermindDL1
Been making an MLElixir thing (not released yet…) for fun in spare time in the past day. I’m just trying to see how much I can get an ML...
132 13966 106
New
marcuslankenau
I feel kind of stuck with the absence of a proper xml library for Elixir. Currently I use SweetXML which was ok for me more or less to pa...
New
trisolaran
Hi! :waving_hand: I would like to present LiveSelect, a little library that I wrote to easily add a dynamic selection input to your LV f...
198 10858 107
New

Other popular topics Top

sorentwo
Hello! tl;dr Announcing Oban, an Ecto based job processing library with a focus on reliability and historical observability. After spen...
985 42920 311
New
Harrisonl
We have an ECS cluster with 4 services, where each task joins a single cluster, via discovery ECS discovery service. Currently when I de...
New
Darmani72
If I have a post route which an argument: post /my_post_route/:my_param1, MyController.my_post_handler How would get the post params ...
New
danschultzer
None of the current solutions worked well for me, so I went ahead and built a user management system from scratch. This project took far...
548 29377 241
New
jerry
Good day to you all. I have been struggling to get a query involving like and ilike to work. Can anyone assist me on this, please? pro...
New
nobody
Hi! In PHP: $_SERVER[‘SERVER_ADDR’] - in Elixir? Searched the docs for ip address and the web, no good results. Thanks!
New
shijith.k
I am trying to start a new phoenix project with elixir 1.9, but mix phx.new does not work. It says that ** (Mix) The task "phx.new" could...
New
joaquinalcerro
Hi there, I am working with Ecto-Postgresql and I need to call all of the records from a specific table but the table has 40,000 records...
New
Brian
What is the proper way to load a module from a file in to IEX? In the python world, doing something like this pretty standard: from ....
New
WestKeys
Currently suffering from paralysis by [HTTP client] analysis. This is rather unusual in Elixirland as there tends to be consensus on the ...
New

We're in Beta

About us Mission Statement