View Source Password Authentication
Add Bcrypt To your dependencies
This step is not strictly necessary, but in the next major version of AshAuthentication
,
Bcrypt
will be an optional dependency. This will make that upgrade slightly easier.
{:bcrypt_elixir, "~> 3.0"}
Add Attributes
Add an email
(or username
) and hashed_password
attribute to your user resource.
# lib/my_app/accounts/user.ex
attributes do
...
attribute :email, :ci_string, allow_nil?: false, public?: true
attribute :hashed_password, :string, allow_nil?: false, sensitive?: true
end
Ensure that the email
(or username) is unique.
# lib/my_app/accounts/user.ex
identities do
identity :unique_email, [:email]
# or
identity :unique_username, [:username]
end
Add the password strategy
Configure it to use the :email
or :username
as the identity field.
# lib/my_app/accounts/user.ex
authentication do
...
strategies do
password :password do
identity_field :email
# or
identity_field :username
end
end
end
Now we have enough in place to register and sign-in users using the
AshAuthentication.Strategy
protocol.