entrance v0.1.0 Entrance.Auth.Bcrypt
Provides functions for hashing passwords and authenticating users using Bcrypt.
This module assumes that you have a virtual field named password
, and a
database backed string field named hashed_password
.
Usage
Example
defmodule User do
import Entrance.Auth.Bcrypt, only: [hash_password: 1]
import Ecto.Changeset
def create_changeset(struct, changes) do
struct
|> cast(changes, ~w(email password))
|> hash_password
end
end
To authenticate a user in your application, you can use authenticate/2
:
user = Repo.get(User, 1)
User.authenticate(user, "password")
Link to this section Summary
Functions
Compares the given password
against the given user
'ss password.
Takes a changeset and turns the virtual password
field into a
hashed_password
change on the changeset.
Simulates password check to help prevent timing attacks. Delegates to
Bcrypt.no_user_verify/0
.
Link to this section Functions
authenticate(user, password)
Compares the given password
against the given user
'ss password.
hash_password(changeset)
Takes a changeset and turns the virtual password
field into a
hashed_password
change on the changeset.
no_user_verify()
Simulates password check to help prevent timing attacks. Delegates to
Bcrypt.no_user_verify/0
.