Skip to content

STUDITEMPS/ueberauth_passwordless

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits

.github

.github

 
 

config

config

 
 

lib

lib

 
 

test

test

 
 

.formatter.exs

.formatter.exs

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

mix.exs

mix.exs

 
 

mix.lock

mix.lock

 
 

Repository files navigation

Ueberauth Passwordless

A Passwordless Strategy for Ueberauth using Magic Links

A full documentation can be found in the Strategy itself.

Installation

  1. Add :ueberauth_passwordless to dependencies in mix.exs
  def deps do
    [
      {:ueberauth_passwordless, "~> 0.2"},
    ]
  end
  1. Create a Mailer Module, which sends the emails with the magic links:
defmodule MyApp.MyMailer do
  @behaviour Ueberauth.Strategy.Passwordless.Mailer

  def send_email(magic_link, email_address) do
    # Send an Email containing the `magic_link` to the given `email_address`
  end
end
  1. Add Ueberauth Passwordless to your Ueberauth configuration:
config :ueberauth, Ueberauth,
  providers: [
    passwordless: {Ueberauth.Strategy.Passwordless, []}
  ]
  1. Set a token_secret and mailer on your Passwordless configuration:
config :ueberauth, Ueberauth.Strategy.Passwordless,
  token_secret: System.get_env("PASSWORDLESS_TOKEN_SECRET"),
  mailer: MyApp.MyMailer

  (optional) ttl: # Specify in Seconds how long a Magic Link should be valid
  (optional) redirect_url: # Specify a default url or path to which the conn is redirected after the Email is sent
  1. If you haven't already, create a Controller that handles the callbacks:
defmodule MyApp.AuthController do
  use MyApp.Web, :controller

  plug Ueberauth

  def callback(%{assigns: %{ueberauth_failure: errors}} = conn, _params) do
    # do things with the failure
  end

  def callback(%{assigns: %{ueberauth_auth: auth}} = conn, _params) do
    # do things with the auth
  end

end
  1. If you haven't already, set up the routes for authentication
scrope "/auth" do
  pipe_through :browser

  get "/:provider", AuthController, :request
  get "/:provider/callback", AuthController, :callback
end

Calling

Depending on your routes, you can call the passwordless strategy with e.g.:

/auth/passwordless?email=foo@bar.com

Or, from a Phoenix Form:

<%= form_for @conn, Routes.auth_path(@conn, :request, "passwordless"), [method: get], fn f -> %>
  <%= text_input f, :email %>
  <%= submit "Submit" %>
<% end %>

You can optionally pass a redirect_url to which the conn will be redirected after the email was sent:

/auth/passwordless?email=foo@bar.com&redirect_url=/my-redirect-path

Or, from a Phoenix Form:

<%= form_for @conn, Routes.auth_path(@conn, :request, "passwordless"), [method: get], fn f -> %>
  <%= hidden_input f, :redirect_url, value: "/my-redirect-path"%>
  <%= text_input f, :email %>
  <%= submit "Submit" %>
<% end %>

TODOs:

  • Ensure that a magic link can only be used once (e.g. using an :ets table)
  • Make ttl an option in handle_request! and persist the option for when the magic link is validated

About

Passwordless Strategy for Überauth

Topics

strategy passwordless ueberauth passwordless-login passwordless-authentication ueberauth-strategies

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

11 stars

Watchers

4 watching

Forks

6 forks
Report repository

Releases

2 tags

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages