gushonorato
Magic Auth - An Phoenix Authentication Library Designed for Effortless Setup 🚀
Hey everyone! ![]()
I’m excited to share a new library with you all: Magic Auth! It’s an authentication library for Phoenix projects that aims to make your life as a developer easier by offering an authentication solution with minimal setup effort.
Why I Built Magic Auth
While phx.gen.auth is amazing, it can require a significant amount of time to implement all the necessary flows, such as password resets, recovery screens, and UI customization. Magic Auth is designed to simplify authentication, requiring virtually the same minimal effort as implementing a BASIC HTTP authentication flow, but with much more power!
What Magic Auth Brings to the Table
Here’s a quick rundown of the key features:
• Ship Faster
: No time wasted configuring password resets and recovery flows—just implement and ship your product.
• Passwordless Authentication
: Secure login process through one-time passwords sent via email. One-time passwords are better than magic links because users can receive the code on one device (e.g., phone email) and enter it on another (e.g., desktop browser).
• Enhanced Security
: Protect your application from brute force attacks with built-in rate limiting and account lockout mechanisms.
• Customizable Interface
: Use the beautiful default UI components out of the box, or customize them fully to match your design perfectly.
• Effortless Configuration and Comprehensive Documentation
: Quick and simple integration with your Phoenix project, with detailed guides and references to assist you through every step of the integration process.
• Schema Agnostic
: Implement authentication without requiring a user schema—ideal for everything from MVPs to complex applications.
Why This Matters
I’m deeply passionate about making the Elixir/Phoenix ecosystem the go-to choice for building MVPs and startups. I truly believe Elixir and Phoenix have unmatched potential for speed, scalability, and developer happiness.
Authentication can often be a roadblock, especially when you’re moving fast to validate ideas or launch a product. Magic Auth removes that friction so you can spend less time on boilerplate and more time building something awesome.
Check out Magic Auth on GitHub: GitHub - gushonorato/magic_auth: An Elixir authentication library designed for effortless setup.. Give it a try, and let me know your thoughts! Your feedback can help shape Magic Auth into an even better tool for the community.
Let’s make the Elixir/Phoenix ecosystem the best place to build startups and MVPs.
Cheers,
Gustavo
P.S. Feel free to ask questions or share your thoughts. I’d love to hear how Magic Auth can help your projects! ![]()
Most Liked
gushonorato
Thank you for your feedback! I believe that with just a few modifications, I can add support for sending TOTP to a phone instead of email. Could you please open an issue on GitHub describing your use case?
gushonorato
Release 0.2.0
Hey everyone! I’m excited to announce the release of Magic Auth v0.2.0, packed with several improvements and new features.
Enhancements
- Multi-tenancy support via query prefixes and foreign keys.
- Improved error messaging when
mix magic_auth.installfails to inject code into the necessary files. - You can now return a tuple like
{:allow, user_id}from thelog_in_requested/1callback. Magic Auth will store the user ID in%Session{user_id: user_id}, andfetch_magic_auth_session/2will automatically load and assign the user to:current_user. - Default logging for success and error messages in the generated email-sending code.
- New test helpers to streamline testing. Check out the Testing Guide for details.
This version includes breaking changes. Make sure to review the Changelog for migration instructions.
nix2intel
Will this support totp in the future where i can setup a phone or passkey for auth? Looks amazing btw.
gushonorato
[Release] Version 0.1.1 – Important Security Fix
Hello everyone,
We’ve just released version 0.1.1, and we strongly recommend updating to this latest version as it includes a critical security fix.
[0.1.1] - 2025-01-29
Fixed
- One-time passwords are not being deleted after verified, allowing them to be reused multiple times until they expire.
Please update as soon as possible and let us know if you have any feedback! ![]()
Thanks for your support!
sreyansjain
Great work. Congratulations and Thank you.
Do you have any guide about using Magic Auth without liveview?
I wan’t to use Magic Auth with phoenix controllers and (dead) views. Please advise.







