Pow.Store.CredentialsCache behaviour (Pow v1.0.25) View Source

Default module for credentials session storage.

A key (session id) is used to store, fetch, or delete credentials. The credentials are expected to take the form of {credentials, session_metadata}, where session metadata is data exclusive to the session id.

This module also adds two utility methods:

The :ttl should be maximum 30 minutes per OWASP recommendations. A warning will be output for any sessions created with a longer TTL.

Custom credentials cache module

Pow may use the utility methods in this module. To ensure all required methods has been implemented in a custom credentials cache module, the @behaviour of this module should be used:

defmodule MyApp.CredentialsStore do
  use Pow.Store.Base,
    ttl: :timer.minutes(30),
    namespace: "credentials"

  @behaviour Pow.Store.CredentialsCache

  @impl Pow.Store.CredentialsCache
  def users(config, struct) do
    # ...
  end

  @impl Pow.Store.CredentialsCache
  def put(config, key, value) do
    # ...
  end
end

Configuration options

  • :reload - boolean value for whether the user object should be loaded from the context. Defaults false.

Link to this section Summary

Functions

Delete the user credentials data from the backend store.

Fetch user credentials from the backend store from session id.

Add user credentials with the session id to the backend store.

List all existing sessions for the user fetched from the backend store.

List all user for a certain user struct.

Link to this section Callbacks

Specs

put(Pow.Store.Base.config(), binary(), {map(), list()}) :: :ok

Specs

sessions(Pow.Store.Base.config(), map()) :: [binary()]

Specs

users(Pow.Store.Base.config(), module()) :: [any()]

Link to this section Functions

Delete the user credentials data from the backend store.

This following two key-value will be deleted:

  • {session_id, {[user_struct, :user, user_id], metadata}}
  • {[user_struct, :user, user_id, :session, session_id], inserted_at}

The {[user_struct, :user, user_id], user} key-value is expected to expire when reaching its TTL.

Specs

get(Pow.Store.Base.config(), binary()) :: {map(), list()} | nil | :not_found

Fetch user credentials from the backend store from session id.

Specs

put(Pow.Store.Base.config(), binary(), {map(), list()}) :: :ok

Add user credentials with the session id to the backend store.

The credentials are expected to be in the format of {credentials, metadata}.

This following three key-value will be inserted:

  • {session_id, {[user_struct, :user, user_id], metadata}}
  • {[user_struct, :user, user_id], user}
  • {[user_struct, :user, user_id, :session, session_id], inserted_at}

If metadata has :fingerprint any active sessions for the user with the same :fingerprint in metadata will be deleted.

Specs

sessions(Pow.Store.Base.config(), map()) :: [binary()]

List all existing sessions for the user fetched from the backend store.

Specs

users(Pow.Store.Base.config(), module()) :: [any()]

List all user for a certain user struct.

Sessions for a user can be looked up with sessions/3.