Openmaize v2.5.1 Openmaize.Config

This module provides an abstraction layer for configuration.

The following are valid configuration items.

nametypedefault
crypto_modmoduleComeonin.Bcrypt
hash_nameatom:password_hash
password_strengthkeyword list[]
remember_saltstringN/A

Examples

The simplest way to change the default values would be to add an openmaize entry to the config.exs file in your project, like the following example.

config :openmaize,
  crypto_mod: Comeonin.Bcrypt,
  hash_name: :encrypted_password,
  password_strength: [min_length: 12]

Summary

Functions

The password hashing and checking algorithm. Bcrypt is the default

The name in the database for the password hash

Options for the password strength check

Salt to be used when signing and verifying the remember me cookie

Functions

crypto_mod()

The password hashing and checking algorithm. Bcrypt is the default.

You can supply any module, but the module must implement the following functions:

  • hashpwsalt/1 - hashes the password
  • checkpw/2 - given a password and a salt, returns if match
  • dummy_checkpw/0 - performs a hash and returns false

See Comeonin.Bcrypt for examples.

hash_name()

The name in the database for the password hash.

password_strength()

Options for the password strength check.

The basic check will just check the minimum length, which is 8 characters by default. For a more advanced check, you need to have the optional dependency NotQwerty123 installed.

Advanced password strength check

If you have NotQwerty123 installed, there are three options:

  • min_length - the minimum length of the password
  • extra_chars - check for punctuation characters (including spaces) and digits
  • common - check to see if the password is too common (too easy to guess)

See the documentation for Openmaize.Password for more information about these options.

Examples

In the following example, the password strength check will set the minimum length to 16 characters and will skip the extra_chars check:

password_strength: [min_length: 16, extra_chars: false]
remember_salt()

Salt to be used when signing and verifying the remember me cookie.