pow_assent icon indicating copy to clipboard operation
pow_assent copied to clipboard

Published 20 hours ago verified publisher icon pow-auth

any way to restrict login to external provider only?

Open mus0u opened this issue 4 years ago • 2 comments

i have successfully set up the auth0 provider and am able to log in with it, but i don't want to let users be able to auth against the local DB, only the auth0 one. it appears that removing pow_session_routes() from the router seems to break pow_assent, however. is there a correct way to accomplish this?

mus0u avatar Jun 02 '20 20:06 mus0u

Hack alert: I've found that replacing pow_routes() with its sub-macro pow_session_routes() prevents registration using the default Pow route (though /session/new will 50x) whilst not affecting Pow Assent.

wodow avatar Jul 01 '20 18:07 wodow

@wodow Double Hack alert: if you hijack the /session/new route before defining the pow_sesssion_routes you can "redirect" session/new to a different action:

scope "/" do
  pipe_through(:browser)

  # Hack Alert
  get("/session/new", MyAppWeb.PageController, :index)
  # 
  pow_session_routes()
  pow_assent_routes()
end

jbosse avatar Jul 27 '20 17:07 jbosse