Openmaize v0.17.1 Openmaize.Config
This module provides an abstraction layer for configuration.
The following are valid configuration items.
name | type | default |
---|---|---|
user_model | module | N/A |
repo | module | N/A |
db_module | module | Openmaize.DB |
hash_name | atom | :password_hash |
crypto_mod | atom | :bcrypt |
token_alg | atom | :sha512 |
token_validity | int | 120 (minutes) |
keyrotate_days | int | 28 |
password_strength | keyword list | [] |
The values for user_model and repo should be module names. If, for example, your app is called Coolapp and your user model is called User, then user_model should be Coolapp.User and repo should be Coolapp.Repo.
Examples
The simplest way to change the default values would be to add the following to the config.exs file in your project.

    config :openmaize,
      user_model: Coolapp.User,
      repo: Coolapp.Repo,
      db_module: Coolapp.DB,
      hash_name: :encrypted_password,
      crypto_mod: :pbkdf2,
      token_alg: :sha256,
      token_validity: 60,
      keyrotate_days: 7,
      password_strength: [min_length: 12]
Summary
Functions
The name of the database module
The password hashing and checking algorithm. You can choose between bcrypt and pbkdf2_sha512. Bcrypt is the default
The algorithm used to sign the token
The name in the database for the password hash
The number of days after which the JWT signing keys will be rotated
Options for the password strength check
The repo name
The length of time after which a JSON Web Token expires
The user model name
Functions
The name of the database module.
You only need to set this value if you plan on overriding the functions in the Openmaize.DB module. If you are using Ecto, you will probably not need to set this value.
The password hashing and checking algorithm. You can choose between bcrypt and pbkdf2_sha512. Bcrypt is the default.
For more information about these two algorithms, see the documentation for Comeonin.
The algorithm used to sign the token.
The default value is :sha512, and :sha256 is also supported.
Options for the password strength check.
The basic check will just check the minimum length, which is 8 characters by default. For a more advanced check, you need to have the optional dependency NotQwerty123 installed.
Advanced password strength check
If you have NotQwerty123 installed, there are three options:
- min_length - the minimum length of the password
- extra_chars - check for punctuation characters (including spaces) and digits
- common - check to see if the password is too common (too easy to guess)
See the documentation for Openmaize.Password for more information about these options.
Examples
In the following example, the password strength check will set the minimum length to 16 characters and will skip the extra_chars check:

    password_strength: [min_length: 16, extra_chars: false]
The length of time after which a JSON Web Token expires.
The default length of time is 120 minutes (2 hours).
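
A sanity check for the `config :openmaize` keyword list, as an added example that is not part of Openmaize or its documentation. The module name `ConfigCheck`, the sample values, and the decision to flag a `min_length` below the documented default of 8 are assumptions. The accepted `crypto_mod` atoms are the two that appear in the table and the config example above.

```elixir
defmodule ConfigCheck do
  # Hypothetical helper, not part of Openmaize. Keys and allowed values are
  # taken from the table and descriptions on this page.
  @known [:user_model, :repo, :db_module, :hash_name, :crypto_mod, :token_alg,
          :token_validity, :keyrotate_days, :password_strength]
  @required [:user_model, :repo]
  @strength_keys [:min_length, :extra_chars, :common]

  # Returns [{key, problem}]; an empty list means nothing was flagged.
  def problems(config) when is_list(config) do
    unknown = for {k, _} <- config, k not in @known, do: {k, "unknown key"}
    missing = for k <- @required, not Keyword.has_key?(config, k), do: {k, "must be set"}
    invalid = for {k, v} <- config, k in @known, msg <- List.wrap(check(k, v)), do: {k, msg}
    unknown ++ missing ++ invalid
  end

  defp check(k, v) when k in [:user_model, :repo, :db_module, :hash_name],
    do: if(is_atom(v) and v != nil, do: nil, else: "expected a module or atom")

  # Assumption: :bcrypt and :pbkdf2 are the atoms shown in the table and example.
  defp check(:crypto_mod, v),
    do: if(v in [:bcrypt, :pbkdf2], do: nil, else: "expected :bcrypt or :pbkdf2")

  defp check(:token_alg, v),
    do: if(v in [:sha512, :sha256], do: nil, else: "expected :sha512 or :sha256")

  defp check(k, v) when k in [:token_validity, :keyrotate_days],
    do: if(is_integer(v) and v > 0, do: nil, else: "expected a positive integer")

  defp check(:password_strength, v) do
    cond do
      not Keyword.keyword?(v) -> "expected a keyword list"
      (Keyword.keys(v) -- @strength_keys) != [] -> "unknown option in #{inspect(v)}"
      not is_integer(Keyword.get(v, :min_length, 8)) -> "min_length must be an integer"
      Keyword.get(v, :min_length, 8) < 8 -> "min_length is below the default of 8"
      true -> nil
    end
  end
end

# Constructed sample: :token_alg holds an unsupported value, :token_validty is
# misspelled, :repo is missing, and min_length is shorter than the default.
sample = [user_model: Coolapp.User, crypto_mod: :pbkdf2, token_alg: :md5,
          token_validty: 60, password_strength: [min_length: 6]]

IO.inspect(ConfigCheck.problems(sample))
```

In a real project the list would come from `Application.get_all_env(:openmaize)`, checked at application start so that a mistyped key or unsupported value is caught before any token is issued.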