Dan Schultzer
Dan Schultzer
This allows for custom extension routes. Custom route for email confirmation will look like this: ```elixir defmodule MyAppWeb.Pow.Routes do use Pow.Phoenix.Routes use Pow.Extension.Phoenix.Routes, extension: [PowEmailConfirmation] alias MyAppWeb.Router.Helpers, as: Routes def...
This PR will be up for a long time, but is here to keep track of deprecations, and minimum requirements changes. New minimum requirements: - Elixir 1.7 - Ecto 3.0...
I'm not 100% sure if this is the best way to handle the optional dependency. It seems to fail in umbrella setups. Also, there'll be some warnings like the following:...
Currently `Pow.Operations` only passes the config to the `Pow.Ecto.Context` module, but not any custom context module: ```elixir @spec authenticate(map(), Config.t()) :: map() | nil def authenticate(params, config) do case context_module(config)...
Add two factor support to Pow with at least OTP and FIDO U2F support. Good primer for ensuring secure and useful two factor setup: https://medium.com/@stuartschechter/before-you-turn-on-two-factor-authentication-27148cc5b9a1 Edit: Here's some security considerations:...
One thing that I keep thinking about is the backend store. Ref #392 #386. Looking at the [`mix phx.gen.auth` proposal PR](https://github.com/dashbitco/mix_phx_gen_auth_demo/pull/1), they put all tokens in the Ecto DB. I...
Prompted by https://github.com/danschultzer/pow/issues/386#issuecomment-578016442 Currently `Pow.Plug.delete_user/2` calls `do_delete/2` for the plug, which only deletes the current session. However it should clear all sessions for the user. Only `Pow.Store.CredentialsCache` knows about related...
This was already discussed way back in https://github.com/danschultzer/pow/issues/122, but now with the [Phoenix Live Dashboard](https://github.com/phoenixframework/phoenix_live_dashboard) announcement I think it's time to add in the telemetry events so it can easily...
The following guides may be improved with unit test examples: - [ ] https://github.com/danschultzer/pow/blob/master/guides/custom_controllers.md - [ ] https://github.com/danschultzer/pow/blob/master/guides/sync_user.md - [x] ~~https://github.com/danschultzer/pow/blob/master/guides/lock_users.md~~ - [x] ~~https://github.com/danschultzer/pow/blob/master/guides/user_roles.md~~ There's already unit test in this...
When an email can't be found in `PowResetPassword.Plug.create_reset_token/2`, the [`PowResetPassword.Plug.change_user/2` is called](https://github.com/danschultzer/pow/blob/v1.0.19/lib/extensions/reset_password/plug.ex#L58) which adds a `password can't be blank` error to the changeset. This doesn't make sense, and it should...