Skip to content

STUDITEMPS/ueberauth_passwordless

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
.github
.github
 
 
config
config
 
 
lib
lib
 
 
test
test
 
 
.formatter.exs
.formatter.exs
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
mix.exs
mix.exs
 
 
mix.lock
mix.lock
 
 

Repository files navigation

Ueberauth Passwordless

A Passwordless Strategy for Ueberauth using Magic Links

A full documentation can be found in the Strategy itself.

Installation

  1. Add :ueberauth_passwordless to dependencies in mix.exs
  def deps do
    [
      {:ueberauth_passwordless, "~> 0.2"},
    ]
  end
  1. Create a Mailer Module, which sends the emails with the magic links:
defmodule MyApp.MyMailer do
  @behaviour Ueberauth.Strategy.Passwordless.Mailer

  def send_email(magic_link, email_address) do
    # Send an Email containing the `magic_link` to the given `email_address`
  end
end
  1. Add Ueberauth Passwordless to your Ueberauth configuration:
config :ueberauth, Ueberauth,
  providers: [
    passwordless: {Ueberauth.Strategy.Passwordless, []}
  ]
  1. Set a token_secret and mailer on your Passwordless configuration:
config :ueberauth, Ueberauth.Strategy.Passwordless,
  token_secret: System.get_env("PASSWORDLESS_TOKEN_SECRET"),
  mailer: MyApp.MyMailer

  (optional) ttl: # Specify in Seconds how long a Magic Link should be valid
  (optional) redirect_url: # Specify a default url or path to which the conn is redirected after the Email is sent
  1. If you haven't already, create a Controller that handles the callbacks:
defmodule MyApp.AuthController do
  use MyApp.Web, :controller

  plug Ueberauth

  def callback(%{assigns: %{ueberauth_failure: errors}} = conn, _params) do
    # do things with the failure
  end

  def callback(%{assigns: %{ueberauth_auth: auth}} = conn, _params) do
    # do things with the auth
  end

end
  1. If you haven't already, set up the routes for authentication
scrope "/auth" do
  pipe_through :browser

  get "/:provider", AuthController, :request
  get "/:provider/callback", AuthController, :callback
end

Calling

Depending on your routes, you can call the passwordless strategy with e.g.:

/auth/passwordless?email=foo@bar.com

Or, from a Phoenix Form:

<%= form_for @conn, Routes.auth_path(@conn, :request, "passwordless"), [method: get], fn f -> %>
  <%= text_input f, :email %>
  <%= submit "Submit" %>
<% end %>

You can optionally pass a redirect_url to which the conn will be redirected after the email was sent:

/auth/passwordless?email=foo@bar.com&redirect_url=/my-redirect-path

Or, from a Phoenix Form:

<%= form_for @conn, Routes.auth_path(@conn, :request, "passwordless"), [method: get], fn f -> %>
  <%= hidden_input f, :redirect_url, value: "/my-redirect-path"%>
  <%= text_input f, :email %>
  <%= submit "Submit" %>
<% end %>

TODOs:

  • Ensure that a magic link can only be used once (e.g. using an :ets table)
  • Make ttl an option in handle_request! and persist the option for when the magic link is validated

About

Passwordless Strategy for Überauth

Topics

strategy passwordless ueberauth passwordless-login passwordless-authentication ueberauth-strategies

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

12 stars

Watchers

4 watching

Forks

5 forks
Report repository

Releases

2 tags

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages