Openmaize

Authentication and authorization library for Elixir

Goals

Openmaize aims to provide developers the following:

• a secure, but lightweight, framework-agnostic authentication and authorization mechanism that is easy to use.
• excellent documentation.

Installation

1. Add openmaize to your mix.exs dependencies

  defp deps do
    [ {:openmaize, "~> 0.8"} ]
  end

1. List :openmaize as an application dependency

  def application do
    [applications: [:logger, :openmaize]]
  end

1. Run mix do deps.get, compile

Use

Before you use Openmaize, you need to make sure that your user model contains an id, name (which identifies the user) and role.

You then need to configure Openmaize. For more information, see the documentation for the Openmaize.Config module.

Openmaize provides the following main plugs:

• Openmaize.LoginoutCheck
  • checks the path to see if it is for the login or logout page
  • handles login or logout if necessary
• Openmaize.Authenticate
  • authenticates the user
  • sets (adds to the assigns map) the current_user variable
• Openmaize.Authorize
  • checks to see if the user is authorized to access the page / resource

There is also the following plug, which can be used to perform an extra authorization check based on user id:

• Openmaize.Authorize.IdCheck
  • checks to see if the user, based on id, is authorized to access the page / resource

See the relevant module documentation for more details.

There is an example of Openmaize being used with Phoenix at Openmaize-phoenix.

License

BSD