Raxol. Auth
(Raxol v2.6.0)
View Source
Authentication and session management for Raxol.
Provides session creation, validation, and multi-factor authentication support.
Example
{:ok, session} = Raxol.Auth.create_session(user,
expires_in: :timer.hours(24),
renewable: true
)
case Raxol.Auth.validate_session(token) do
{:ok, user} -> authorize(user)
{:error, :expired} -> redirect_to_login()
end
Summary
Functions
Create a new authenticated session.
Enable multi-factor authentication for a user.
Invalidate a session.
Register a WebAuthn credential.
Validate a session token.
Verify a TOTP code.
Types
@type session() :: %{ token: String.t(), user_id: String.t(), expires_at: DateTime.t(), renewable: boolean(), metadata: map() }
Functions
Create a new authenticated session.
Options
:expires_in- Session duration in milliseconds (default: 24 hours):renewable- Whether session can be renewed (default: true):ip_locked- Lock session to IP address (default: false):metadata- Additional session metadata
Example
{:ok, session} = Raxol.Auth.create_session(user,
expires_in: :timer.hours(24),
renewable: true
)
Enable multi-factor authentication for a user.
Supported types
:totp- Time-based One-Time Password:webauthn- WebAuthn/FIDO2
Example
{:ok, secret} = Raxol.Auth.enable_mfa(user, :totp)
@spec invalidate_session(String.t()) :: :ok
Invalidate a session.
Register a WebAuthn credential.
Example
{:ok, credential} = Raxol.Auth.register_webauthn(user)
Validate a session token.
Example
case Raxol.Auth.validate_session(token) do
{:ok, user} -> authorize(user)
{:error, :expired} -> redirect_to_login()
{:error, :invalid} -> log_security_event()
end
Verify a TOTP code.
Example
{:ok, :verified} = Raxol.Auth.verify_totp(user, "123456")