PhoenixKitWeb.Users.Session (phoenix_kit v1.6.15)

View Source

Controller for handling user session management.

This controller manages user login and logout operations, including:

  • Creating new sessions via email/password authentication
  • Handling post-registration and password update flows
  • Session termination (logout)
  • GET-based logout for direct URL access

Security Features

  • Prevents user enumeration by not disclosing whether an email is registered
  • Supports remember me functionality via UserAuth module
  • Session renewal on login/logout to prevent fixation attacks

Summary

Functions

create(conn, params)
delete(conn, params)
get_logout(conn, params)

Functions

create(conn, params)

delete(conn, params)

get_logout(conn, params)