EzAuth.Accounts (EzAuth v0.1.0)

Copy Markdown View Source

Public authentication operations for users, identities, sessions, and verifications.

Summary

Functions

create_user_with_email(email)

Creates a passwordless user with an email identity (used by magic-link / email-OTP request flows).

create_user_with_password(attrs)

Creates a user from email + password sign-up attributes.

create_user_with_phone(phone)

Creates a passwordless user with a phone identity (used by SMS OTP request flow).

email_taken?(email)
find_or_create_email_identity(value)

Returns the user and verified email identity, creating a passwordless user when none exists.

find_or_create_phone_identity(value)

Returns the user and verified phone identity, creating a passwordless user when none exists.

generate_user_session_token(user)

Generates a session token for the user.

get_user_by_email(email)
get_user_by_session_token(token)

Fetches the user for a valid session token.

get_user_by_username(username)
get_verified_identity(type, value)

Fetches a verified identity by type and value, returning the user it belongs to alongside.

issue_identity_verification(identity, type)

Issues an identity verification token and dispatches it through the configured sender.

request_email_verification(identity)

Issues an :email verification for the given identity.

request_password_recovery(email)

Issues a recovery code and dispatches it via the configured sender.

revoke_user_session_token(token)

Revokes a single session token.

revoke_user_sessions(user)

Revokes all session tokens for a user.

update_user_profile(user, attrs)

Updates the user's profile fields (name, username, metadata).

username_taken?(username)
verify_magic_code(code, type, value)

Verifies a short magic-code and consumes it.

verify_magic_link(token, type)

Verifies a magic-link token and consumes it.

Functions

create_user_with_email(email)

Creates a passwordless user with an email identity (used by magic-link / email-OTP request flows).

create_user_with_password(attrs)

Creates a user from email + password sign-up attributes.

create_user_with_phone(phone)

Creates a passwordless user with a phone identity (used by SMS OTP request flow).

email_taken?(email)

find_or_create_email_identity(value)

Returns the user and verified email identity, creating a passwordless user when none exists.

find_or_create_phone_identity(value)

Returns the user and verified phone identity, creating a passwordless user when none exists.

generate_user_session_token(user)

Generates a session token for the user.

get_user_by_email(email)

get_user_by_session_token(token)

Fetches the user for a valid session token.

get_user_by_username(username)

get_verified_identity(type, value)

Fetches a verified identity by type and value, returning the user it belongs to alongside.

issue_identity_verification(identity, type)

Issues an identity verification token and dispatches it through the configured sender.

request_email_verification(identity)

Issues an :email verification for the given identity.

request_password_recovery(email)

Issues a recovery code and dispatches it via the configured sender.

Returns :ok even when the email is unknown, so callers cannot probe for account existence.

revoke_user_session_token(token)

Revokes a single session token.

revoke_user_sessions(user)

Revokes all session tokens for a user.

update_user_profile(user, attrs)

Updates the user's profile fields (name, username, metadata).

username_taken?(username)

verify_magic_code(code, type, value)

Verifies a short magic-code and consumes it.

The code is the human-typeable secret sent out-of-band (recovery email, SMS OTP). Because the code's entropy is low, the lookup is value-scoped to the identity it was issued for.

verify_magic_link(token, type)

Verifies a magic-link token and consumes it.

The token is the long random secret embedded in a URL. Used by :email identity verification (post-signup confirm and magic-link sign-in) and similar link-style flows.