Phauxth v1.1.0 Phauxth.Token
Create API tokens, based on the Phoenix token implementation.
The data stored in the token is signed to prevent tampering but not encrypted. This means it is safe to store identification information (such as user IDs) in the token, but the token should not be used to store confidential information (such as credit card numbers).
Arguments to sign/3 and verify/4
The first argument to both sign/3 and verify/4 is the key_source, from which the function can extract the secret key base. This can be one of:
- the module name of a Phoenix endpoint
- a Plug.Conn struct
- a Phoenix.Socket struct
- a string, representing the secret key base itself
  - this string should be at least 20 randomly generated characters
The second argument to sign/3 is the data to be signed, which can be an integer or string identifying the user, or a map with the user parameters.
The second argument to verify/4 is the token to be verified.
The third argument to verify/4 is the max_age (maximum age), in seconds, of the token. The recommended maximum age depends on how the token is used. For example, the Phauxth.Confirm module sets the maximum age to 1200, which is 20 minutes, but the Phauxth.Authenticate module sets the maximum age to 14_400, which is 4 hours.
The third argument to sign/3, or the fourth argument to verify/4, is the opts, the key generator options. # ADD DOCS ABOUT TOKEN_SALT
The key generator has three options:
- key_iterations - the number of iterations the key derivation function uses
  - the default is 1000
- key_length - the length of the key, in bytes
  - the default is 32
- key_digest - the hash algorithm that is used
  - the default is :sha256
Note that the same key generator options should be used for signing and verifying tokens.
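The properties described above (a readable payload, tamper detection, max_age expiry, and the need for matching key generator options), shown as an added Python sketch. It is not Phauxth's code and does not reproduce its token format; the salt value, the JSON/base64 layout, the return tuples and the peek helper are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Key generator defaults as listed on this page.
DEFAULTS = {"key_iterations": 1000, "key_length": 32, "key_digest": "sha256"}

def b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def derive_key(secret_key_base, salt, opts):
    # PBKDF2 over the secret key base; different opts give a different key.
    o = {**DEFAULTS, **opts}
    return hashlib.pbkdf2_hmac(o["key_digest"], secret_key_base.encode(),
                               salt.encode(), o["key_iterations"], o["key_length"])

def sign(secret_key_base, data, opts=None, salt="user auth", now=None):
    # salt is a constructed value; the page leaves the token salt undocumented.
    key = derive_key(secret_key_base, salt, opts or {})
    signed_at = time.time() if now is None else now
    body = b64(json.dumps({"data": data, "signed": signed_at}).encode())
    mac = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + b64(mac)

def verify(secret_key_base, token, max_age, opts=None, salt="user auth", now=None):
    key = derive_key(secret_key_base, salt, opts or {})
    try:
        body, mac = token.split(".")
        given = unb64(mac)
    except (ValueError, AttributeError):
        return ("error", "invalid")
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    # Constant-time comparison; the payload is parsed only after the MAC checks out.
    if not hmac.compare_digest(expected, given):
        return ("error", "invalid")
    payload = json.loads(unb64(body))
    now = time.time() if now is None else now
    if payload["signed"] + max_age < now:
        return ("error", "expired")
    return ("ok", payload["data"])

def peek(token):
    # No key needed to read the data: the token is signed, not encrypted.
    return json.loads(unb64(token.split(".")[0]))["data"]
```

A token signed with the defaults fails verification under `{"key_iterations": 2000}`, because the derived key differs.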
Functions
Sign the token.
See the module documentation for information about the options available.
Verify the token.
See the module documentation for information about the options available.