This is a base plugin as it handles basic informations of a user (which are email and hashed password) and their authentication.

Fields:

• email (string)
• encrypted_password (string)

Configuration:

• authentication_keys (default: [:email]): the key(s), in addition to the password, requested to login. You can redefine it to ~W[name]a, for example, to ask the username instead of its email address.
• hashing_method (no default): a module implementing the behaviour ExPassword.Algorithm to hash and verify passwords
• hashing_options (a map, no default since they are hash-specific): ExPassword settings for hashing passwords

To support:

• bcrypt:
  • add {:expassword_bcrypt, "~> 0.2"} in deps/0 to your mix.exs
  • set :hashing_method to ExPassword.Bcrypt on the line stack Haytni.AuthenticablePlugin and also hashing_options: %{cost: 10}
• argon2:
  • add {:expassword_argon2, "~> 0.2"} in deps/0 to your mix.exs
  • set :hashing_method to ExPassword.Argon2 on the line stack Haytni.AuthenticablePlugin and also hashing_options: %{type: :argon2id, threads: 2, time_cost: 4, memory_cost: 131072}

stack Haytni.AuthenticablePlugin,
  authentication_keys: [:email],
  hashing_method: ExPassword.Bcrypt,
  hashing_options: %{
    cost: 10,
  }

Routes:

• haytni_<scope>_session_path (actions: new/create, delete): the generated routes can be customized through the following parameters when you call YourAppWeb.Haytni.routes/1:

  • login_path (default: "/session"): custom path assigned to the sign-in route
  • logout_path (default: same value as login_path): the path for th sign out route
  • logout_method (default: :delete): the HTTP method to use for the user to log out, in case where the default DELETE method were not well supported by your clients

  # lib/your_app_web/router.ex
  defmodule YourAppWeb.Router do
    # ...
    scope ... do
      YourAppWeb.Haytni.routes(
        login_path: "/login",
        logout_path: "/logout",
        logout_method: :get
      )
    end
    # ...
  end