View Source Pow.Store.CredentialsCache behaviour (Pow v1.0.38)

Default module for credentials session storage.

A key (session id) is used to store, fetch, or delete credentials. The credentials are expected to take the form of {credentials, session_metadata}, where session metadata is data exclusive to the session id.

This module also adds two utility functions:

The :ttl should be maximum 30 minutes per OWASP recommendations. A warning will be output for any sessions created with a longer TTL.

Custom credentials cache module

Pow may use the utility functions in this module. To ensure all required functions has been implemented in a custom credentials cache module, the @behaviour of this module should be used:

defmodule MyApp.CredentialsStore do
  use Pow.Store.Base,
    ttl: :timer.minutes(30),
    namespace: "credentials"

  @behaviour Pow.Store.CredentialsCache

  @impl Pow.Store.CredentialsCache
  def users(config, struct) do
    # ...
  end

  @impl Pow.Store.CredentialsCache
  def put(config, key, value) do
    # ...
  end
end

Configuration options

  • :reload - boolean value for whether the user object should be loaded from the context. Defaults false.

Summary

Functions

Delete the user credentials data from the backend store.

Fetch user credentials from the backend store from session id.

Add user credentials with the session id to the backend store.

List all existing sessions for the user fetched from the backend store.

List all user for a certain user struct.

Callbacks

@callback put(Pow.Store.Base.config(), binary(), {map(), list()}) :: :ok
@callback sessions(Pow.Store.Base.config(), map()) :: [binary()]
@callback users(Pow.Store.Base.config(), module()) :: [any()]

Functions

Delete the user credentials data from the backend store.

This following two key-value will be deleted:

  • {session_id, {[user_struct, :user, user_id], metadata}}
  • {[user_struct, :user, user_id, :session, session_id], inserted_at}

The {[user_struct, :user, user_id], user} key-value is expected to expire when reaching its TTL.

@spec get(Pow.Store.Base.config(), binary()) :: {map(), list()} | nil | :not_found

Fetch user credentials from the backend store from session id.

@spec put(Pow.Store.Base.config(), binary(), {map(), list()}) :: :ok

Add user credentials with the session id to the backend store.

The credentials are expected to be in the format of {credentials, metadata}.

This following three key-value will be inserted:

  • {session_id, {[user_struct, :user, user_id], metadata}}
  • {[user_struct, :user, user_id], user}
  • {[user_struct, :user, user_id, :session, session_id], inserted_at}

If metadata has :fingerprint any active sessions for the user with the same :fingerprint in metadata will be deleted.

@spec sessions(Pow.Store.Base.config(), map()) :: [binary()]

List all existing sessions for the user fetched from the backend store.

@spec users(Pow.Store.Base.config(), module()) :: [any()]

List all user for a certain user struct.

Sessions for a user can be looked up with sessions/3.