Module to handle login.

Openmaize.Login checks the user’s password, making sure that the account has been confirmed, if necessary, and returns an openmaize_user message (the user model) if login is successful or an openmaize_error message if there is an error.

After this function has been called, you need to add the user to the session, by running put_session(conn, :user_id, id), or send an API token to the user. If you are using two-factor authentication, you need to first check the user model for otp_required: true and, if necessary, redirect the user to the one-time password input page.

Options

There are three options - in most cases you will not need to change the repo and user_model options:

• unique_id - the name which is used to identify the user (in the database)

  • the default is :email
  • this can also be a function - see below for an example

• repo - the name of the repo

  • the default is MyApp.Repo - using the name of the project

• user_model - the name of the user model

  • the default is MyApp.User - using the name of the project

unique_id option

The unique_id option is usually an atom, but it can also be a function which returns a tuple with the {unique_id (as an atom), user_id, password}.

The following example is a function that takes the user parameters as input and searches for the user by phone number if the input is all digits, but email otherwise.

def phone_name(%{"email" => email, "password" => password}) do
  {Regex.match?(~r/^[0-9]+$/, email) and :phone || :email, email, password}
end

To use this function, add the following to the session controller:

plug Openmaize.Login, [unique_id: &phone_name/1] when action in [:create]