@spec add_add_on(
  Igniter.t(),
  Ash.Resource.t(),
  contents :: String.t()
) :: Igniter.t()

Adds an add on to the authentication.add_ons section of a resource

@spec add_new_add_on(
  Igniter.t(),
  Ash.Resource.t(),
  type :: atom(),
  name :: atom() | nil,
  contents :: String.t()
) :: Igniter.t()

Adds a new add_on to the authentication.strategies section of a resource

@spec add_new_secret_from_env(
  Igniter.t(),
  module(),
  Ash.Resource.t(),
  [atom()],
  atom()
) :: Igniter.t()

Adds a secret to a secret module that reads from application env, if one for that module/path doesn't exist already.

@spec add_new_strategy(
  Igniter.t(),
  Ash.Resource.t(),
  type :: atom(),
  name :: atom(),
  contents :: String.t()
) :: Igniter.t()

Adds a new strategy to the authentication.strategies section of a resource

@spec add_oauth_register_action(Igniter.t(), module(), atom(), keyword()) ::
  Igniter.t()

Adds an OAuth2 register action to a user resource.

The action handles both registration and sign-in via upsert? true. It satisfies the OAuth2 transformer's validation requirements.

@spec add_oauth_secrets(
  Igniter.t(),
  module(),
  module(),
  atom(),
  [{atom(), String.t()}]
) :: Igniter.t()

Wires OAuth secrets into the secrets module and runtime.exs.

For each {secret_key, env_var_name} pair:

• Adds a secret_for/4 clause to the secrets module
• Adds a System.get_env entry to runtime.exs

@spec add_remember_me_strategy(Igniter.t(), Ash.Resource.t()) :: Igniter.t()

Adds the remember_me strategy to a resource if it doesn't already exist.

@spec add_secret_from_env(Igniter.t(), module(), Ash.Resource.t(), [atom()], atom()) ::
  Igniter.t()

Adds a secret to a secret module that reads from application env

@spec add_strategy(
  Igniter.t(),
  Ash.Resource.t(),
  contents :: String.t()
) :: Igniter.t()

Adds a strategy to the authentication.strategies section of a resource

@spec codegen_for_strategy(Igniter.t(), atom()) :: Igniter.t()

Runs Ash.Igniter.codegen/2 with a consistent migration name for a strategy.

Example

codegen_for_strategy(igniter, :password)
# => codegen named "add_password_auth_strategy"

@spec defines_add_on(
  Igniter.t(),
  Ash.Resource.t(),
  constructor :: atom(),
  name :: atom()
) ::
  {Igniter.t(), true | false}

Returns true if the given resource defines an authentication add on with the provided name

@spec defines_strategy(
  Igniter.t(),
  Ash.Resource.t(),
  constructor :: atom(),
  name :: atom()
) ::
  {Igniter.t(), true | false}

Returns true if the given resource defines an authentication strategy with the provided name

@spec defines_strategy_of_type(
  Igniter.t(),
  Ash.Resource.t(),
  constructor :: atom()
) :: {Igniter.t(), true | false}

Returns true if the given resource defines an authentication strategy of the provided type

@spec ensure_get_by_action(Igniter.t(), Ash.Resource.t(), atom()) :: Igniter.t()

Ensures a get_by_<field> read action exists on the resource.

@spec ensure_identity(Igniter.t(), Ash.Resource.t(), atom()) :: Igniter.t()

Ensures a unique identity exists for the given field on a resource.

Adds an identity named :unique_<field> on [:<field>] if one doesn't already exist.

@spec ensure_user_identity_resource(Igniter.t(), module(), module()) :: Igniter.t()

Ensures a UserIdentity resource exists for the given user resource.

If the identity resource module already exists, this is a no-op. Otherwise, generates a new resource with the AshAuthentication.UserIdentity extension. The extension auto-generates all attributes, relationships, actions, and identities — this function only creates the resource shell.

@spec maybe_parse_module(atom() | String.t()) :: module()

Parses a module from a string, or returns an atom as-is.

@spec parent_module(module()) :: module()

Returns the parent module of a given module.

Useful for deriving a domain module from a resource module.

Example

iex> AshAuthentication.Igniter.parent_module(MyApp.Accounts.User)
MyApp.Accounts