Openmaize v0.17.1 Openmaize.Config

This module provides an abstraction layer for configuration.

The following are valid configuration items.

name               type          default
user_model         module        N/A
repo               module        N/A
db_module          module        Openmaize.DB
hash_name          atom          :password_hash
crypto_mod         atom          :bcrypt
token_alg          atom          :sha512
token_validity     int           120 (minutes)
keyrotate_days     int           28
password_strength  keyword list  []

The values for user_model and repo should be module names. If, for example, your app is called Coolapp and your user model is called User, then user_model should be Coolapp.User and repo should be Coolapp.Repo.

Examples

The simplest way to change the default values would be to add the following to the config.exs file in your project.

config :openmaize,
  user_model: Coolapp.User,
  repo: Coolapp.Repo,
  db_module: Coolapp.DB,
  hash_name: :encrypted_password,
  crypto_mod: :pbkdf2,
  token_alg: :sha256,
  token_validity: 60,
  keyrotate_days: 7,
  password_strength: [min_length: 12]

Summary

Functions

db_module() - The name of the database module

get_crypto_mod() - The password hashing and checking algorithm. You can choose between bcrypt and pbkdf2_sha512. Bcrypt is the default

get_token_alg() - The algorithm used to sign the token

hash_name() - The name in the database for the password hash

keyrotate_days() - The number of days after which the JWT signing keys will be rotated

password_strength() - Options for the password strength check

repo() - The repo name

token_validity() - The length of time after which a JSON Web Token expires

user_model() - The user model name

Functions

db_module()

The name of the database module.

You only need to set this value if you plan on overriding the functions in the Openmaize.DB module. If you are using Ecto, you will probably not need to set this value.

get_crypto_mod()

The password hashing and checking algorithm. You can choose between bcrypt and pbkdf2_sha512. Bcrypt is the default.

For more information about these two algorithms, see the documentation for Comeonin.

get_token_alg()

The algorithm used to sign the token.

The default value is :sha512, and :sha256 is also supported.

hash_name()

The name in the database for the password hash.

keyrotate_days()

The number of days after which the JWT signing keys will be rotated.

password_strength()

Options for the password strength check.

The basic check will just check the minimum length, which is 8 characters by default. For a more advanced check, you need to have the optional dependency NotQwerty123 installed.

Advanced password strength check

If you have NotQwerty123 installed, there are three options:

  • min_length - the minimum length of the password
  • extra_chars - check for punctuation characters (including spaces) and digits
  • common - check to see if the password is too common (too easy to guess)

See the documentation for Openmaize.Password for more information about these options.

Examples

In the following example, the password strength check will set the minimum length to 16 characters and will skip the extra_chars check:

password_strength: [min_length: 16, extra_chars: false]

repo()

The repo name.

token_validity()

The length of time after which a JSON Web Token expires.

The default length of time is 120 minutes (2 hours).

user_model()

The user model name.
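
A startup check for the settings documented on this page, as an added example that is not part of Openmaize or its documentation. The module name Coolapp.OpenmaizeConfigCheck, the accepted-atom lists (taken from the table, the config.exs example and the function docs above) and the rule that min_length must not drop below the default of 8 are assumptions.

```elixir
defmodule Coolapp.OpenmaizeConfigCheck do
  @moduledoc """
  Hypothetical startup check (not part of Openmaize): compares the
  :openmaize application environment with the values documented above.
  """

  # Accepted atoms are taken from this page's table, example and function docs.
  @crypto_mods [:bcrypt, :pbkdf2]
  @token_algs [:sha512, :sha256]

  @doc "Returns :ok or {:error, problems} for a keyword list of settings."
  def check(env \\ Application.get_all_env(:openmaize)) do
    problems =
      Enum.flat_map(rules(), fn {key, default, valid?, message} ->
        value = Keyword.get(env, key, default)
        if valid?.(value), do: [], else: ["#{key}: #{message}, got #{inspect(value)}"]
      end)

    if problems == [], do: :ok, else: {:error, problems}
  end

  # {key, documented default, validator, message}
  defp rules do
    [
      {:user_model, nil, &loaded_module?/1, "must be a loadable module such as Coolapp.User"},
      {:repo, nil, &loaded_module?/1, "must be a loadable module such as Coolapp.Repo"},
      {:hash_name, :password_hash, &is_atom/1, "must be an atom"},
      {:crypto_mod, :bcrypt, &(&1 in @crypto_mods), "must be :bcrypt or :pbkdf2"},
      {:token_alg, :sha512, &(&1 in @token_algs), "must be :sha512 or :sha256"},
      {:token_validity, 120, &pos_int?/1, "must be a positive number of minutes"},
      {:keyrotate_days, 28, &pos_int?/1, "must be a positive number of days"},
      {:password_strength, [], &strength_ok?/1, "min_length must be an integer >= 8"}
    ]
  end

  # user_model and repo have no default (N/A), so a missing value fails here.
  defp loaded_module?(value), do: is_atom(value) and Code.ensure_loaded?(value)
  defp pos_int?(value), do: is_integer(value) and value > 0

  # Local policy (an assumption): never go below the documented default of 8.
  defp strength_ok?(opts) do
    Keyword.keyword?(opts) and
      case Keyword.get(opts, :min_length, 8) do
        n when is_integer(n) -> n >= 8
        _ -> false
      end
  end
end
```

Calling `Coolapp.OpenmaizeConfigCheck.check()` from the application's `start/2` callback and refusing to boot on `{:error, problems}` surfaces a mistyped atom or an over-relaxed password policy before any login is served.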