entrance v0.1.0 Entrance.Auth.Secret

Provides functions for creating secure random strings to be used as session secret.

This module assumes that you have a field session_secret in your db table.

Usage

Example

defmodule MyApp.UserController do
  use MyApp.Web, :controller
  alias Entrance.Auth.Secret
  alias MyApp.User

  def create(conn, %{"user" => user_params}) do
    changeset =
      %User{}
      |> User.create_changeset(user_params)
      |> Secret.put_session_secret()

    case Repo.insert(changeset) do
      {:ok, user} ->
        conn |> redirect(to: "/")
      {:error, changeset} ->
        conn |> render("new.html", changeset: changeset)
    end
  end
end

Setting the session key for an user is only needed on creation or if a user session did get compromised.

Link to this section Summary

Functions

Takes a changeset and adds a secure random string in the session_secret field.

Link to this section Functions

Link to this function

put_session_secret(changeset, length \\ 64)

Takes a changeset and adds a secure random string in the session_secret field.