A simple username/password strategy for Überauth.
-
Add
:ueberauth_identity
to your list of dependencies inmix.exs
:def deps do [ {:ueberauth_identity, "~> 0.3"} ] end
-
Add the strategy to your applications:
def application do [ applications: [:ueberauth_identity] ] end
-
Add Identity to your Überauth configuration:
config :ueberauth, Ueberauth, providers: [ identity: {Ueberauth.Strategy.Identity, [ callback_methods: ["POST"] ]} ]
-
Include the Überauth plug in your controller:
defmodule MyApp.AuthController do use MyApp.Web, :controller plug Ueberauth ... end
-
Create the request and callback routes if you haven't already:
scope "/auth", MyApp do pipe_through :browser get "/:provider", AuthController, :request get "/:provider/callback", AuthController, :callback post "/identity/callback", AuthController, :identity_callback end
-
Your request phase handler should implement a form or similar method to collect the required login information.
-
The controller callback should validate login information using the
Ueberauth.Auth
struct:def identity_callback(%{assigns: %{ueberauth_auth: auth}} = conn, params) do case validate_password(auth.credentials) do :ok -> user = %{id: auth.uid, name: name_from_auth(auth), avatar: auth.info.image} conn |> put_flash(:info, "Successfully authenticated.") |> put_session(:current_user, user) |> redirect(to: "/") { :error, reason } -> conn |> put_flash(:error, reason) |> redirect(to: "/") end end
For an example implementation see the Überauth Example application.
Sometimes it's convenient to nest the returned params under a namespace. For example if you're using a "user" form, your params may come back as:
%{ "user" => { "email" => "my@email.com" … }
If you're using a nested set of attributes like this you'll need to let Überauth Identity know about it. To do this set an option in your config:
config :ueberauth, Ueberauth,
providers: [
identity: {Ueberauth.Strategy.Identity, [param_nesting: "user"]}
]
By default Überauth Identity will be changing empty values from the returned params to nil. If you want to disable that behaviour set the following option in your config:
config :ueberauth, Ueberauth,
providers: [
identity: {Ueberauth.Strategy.Identity, [scrub_params: false]}
]
Depending on the configured url you can initial the request through:
/auth/identity/callback
Copyright (c) 2015 Daniel Neighman
Released under the MIT License, which can be found in the repository in LICENSE.