Easy Authentication in Elixir & Phoenix with the pow & pow_assent libraries
Вставка
- Опубліковано 19 січ 2025
- New to Elixir & Phoenix? Checkout my course "Elixir & Phoenix for beginners" www.knowthen.c...
Setting up authentication in new Phoenix web apps
I always enjoy starting new web projects, its a nice clean slate and an opportunity for you to create a solution that's hopefully better designed and engineered than the other projects I've worked on... and there are all sorts of interesting things to think about and research, and there's no technical debt to deal with (yet), and there are no pending deadlines, and so on.
But here's the thing, as soon as I start setting up the new Elixir / Phoenix project, my excitement fades pretty quickly, because, in my mind, project setup should take a matter of minutes, but in reality project setups takes much longer than I expect, because... well, it's not something I do every day, so I always have to shake off the dust, do a bit of research to see if there are any new "best practices", or new libraries I should look at and so on.
So what?
Ok, so why am I talking about this?
Well, because sometimes we make these initial setups harder than they have to be, and I want to look at one particular aspect of setting up a new project, that I suspect many of us do the hard way, I know I have.
The thing I want to look at is handling authentication in a new phoenix project... And I want to consider the question: "how should I handle authentication? roll my own or use a library"
Check out the above screencast to see my take on handling authentication in Elixir / Phoenix web applications.
Spoiler alert
Do you want to know the gist of the screencast?
Even thought it's "easy", you probably shouldn't write your own authentication system, you should just use the excellent pow and pow_assent libraries. I make the case for using these libraries and show you how in just a matter of minutes you can:
1. Create a new Phoenix project
2. Setup authentication
3. Add simple route based authorization
4. Setup password resets
5. Setup social logins (ie login with Twitter, Facebook, Github, etc)
If you like pow & pow_assent, please reach out to the primary author, [Dan Schultzer]( / danschultzer ) and thank him for all his hard work.
Additionally, if you can, please consider [sponsoring Dan's open source-work](github.com/spo..., either personally or through your employer. I believe open source authors are truly under-appreciated, but we can change that if we all chip in just a little bit.
Source code: github.com/kno...
How would that work for API only solution? Any recommendations?
Yet another amazing video from this amazing channel! I've been working a project with Slack login using Phoenix and the Guardian library for the last few days, but after watching this video I'm convinced to start from scratch.
Having worked with other languages and frameworks for years, and I'm amazed by how quickly you can get stuff done with Rails and Phoenix. Even after a few weeks of "unlearning" in the last few weeks I still stumble upon libraries that can do what I'm used to doing on my own, and do it in a much better way.
You're a born teacher
amazing! your step by step explanation sounds so smooth!
Really good production value, small details like showing the current route you are adding a link to. I'm new to phoenix but could comfortably follow along! Have subscribed, cheers!
Can we get an updated version of everything? 🥺
After installing pow_assent and adding pow_assent_authorization_post_callback_routes() in the new scope, only the POST route is shown after running mix phx.routes. After following along in the video, after clicking on the Register link, the Sign in with Github link is not shown. I went back and checked by steps, including checking the repo, and can't see what I did wrong.
Anyone else getting "function TaskAppWeb.Router.Helpers.pow_assent_authorization_path/4 is undefined or private" after adding PowAsset and clicking the Register link?
I am getting that exact problem as well. It seems like I'm not getting all the routes from 'pow_assent_authorization_post_callback_routes()' as he is. EDIT: I had put pow_extension_routes() instead of pow_assent_routes() in my router.ex
How does this library hold up when compared to Rails' Devise?
How about persistence the session is lost if application restarts : ) and blacklisting users ?
Amazing video! All the necessary things for authentication is explained very well. Thanks a lot!
Excellent tutorial. Thank you very much.
can I use pow without Ecto? In my case, I am using neo4j as database, can't use it with Ecto. can u help me on using pow without Ecto
All Pow to the creator of these plugins!!
Great movie! Thank you for your hard work!
I have a question, but how to redirect the user after authorization to another page? /task for example?
excellent work. Thank you James.
Could you explain what exactly should be written in def process(email) to send an email using Bamboo?
There's surely some Bamboo instructions that would pick it up from there
This rocks! Next installment: secured API with Pow?
That would be great!
You also need to add pow_assent_routes now
Great content!
Thanks a lot for this tutorial
How can i manage to list all users with pow library?
Just as you normally would with Ecto, something like:
MyApp.Repo(MyApp.Users.User)
Great video... Just wondering if you ever offer discounts on your course?
I do on a case by case basis for scenarios like: Purchase Price Parity for people living in countries with much lower incomes & college students who are struggling financially. Feel free to email me if you're in a scenario like these examples. james@knowthen.com
excellent video!
awesome
You save my life.
Pls do some tutorials on how to make the course page like that of the knowthen course page here courses.knowthen.com/courses/elixir-and-phoenix-for-beginners/lectures/10025658. Would be very useful!