Which token based (JWT) auth library could I use?

pedropeixoto · February 3, 2021, 2:57pm

Hello guys!

I’m just starting a side project where I’ll use Phoenix for both the API and for a couple of websites (back office and front office).

I’m trying to decide on a auth library at the moment. What do you guys recommend? I need it to be token based (JWT) because the api will be called from different apps and I need it to have some kind of role based access control.

Thank you!

andrejsm · February 3, 2021, 4:30pm

Try GitHub - ueberauth/guardian: Elixir Authentication with GitHub - ueberauth/ueberauth: An Elixir Authentication System for Plug-based Web Applications.

dlobo · February 3, 2021, 5:08pm

At Glific, we’ve been using PoW for authentication via a Web Form, API Tokens and Websockets and have been super happy with it and the support provided by Dan and the PoW team.

Very well documented, and meets all our needs. Definitely worth a look

lobo

marcin · February 3, 2021, 10:29pm

Also using Pow and JOSE to handle JWT.

I’m running a gensever to keep JWKS public keys
Here and Plug to resolve user based on token here