entrance v0.1.0 Entrance.Auth.Bcrypt

Provides functions for hashing passwords and authenticating users using Bcrypt.

This module assumes that you have a virtual field named password, and a database backed string field named hashed_password.

Usage

Example

defmodule User do
  import Entrance.Auth.Bcrypt, only: [hash_password: 1]

  import Ecto.Changeset

  def create_changeset(struct, changes) do
    struct
      |> cast(changes, ~w(email password))
      |> hash_password
  end
end

To authenticate a user in your application, you can use authenticate/2:

user = Repo.get(User, 1)
User.authenticate(user, "password")

Link to this section Summary

Functions

Compares the given password against the given user'ss password.

Takes a changeset and turns the virtual password field into a hashed_password change on the changeset.

Simulates password check to help prevent timing attacks. Delegates to Bcrypt.no_user_verify/0.

Link to this section Functions

Link to this function

authenticate(user, password)

Compares the given password against the given user'ss password.

Link to this function

hash_password(changeset)

Takes a changeset and turns the virtual password field into a hashed_password change on the changeset.

Link to this function

no_user_verify()

Simulates password check to help prevent timing attacks. Delegates to Bcrypt.no_user_verify/0.