riverrun
Openmaize authentication library - now called Phauxth
Openmaize is an authentication library which relies heavily on Plug and uses JSON Web Tokens for authentication.
I’ve just released version 1.0.0-beta. For people who are already using Openmaize, change the :openmaize line in the deps in your mix.exs file to {:openmaize, “~> 1.0.0-beta”} and read the following guide about the other changes that need to be made. The major change since the last version is that the database functions have been moved outside of the Openmaize library, and you need to generate these functions by running the mix openmaize.gen.ectodb command (if you are using Ecto).
If you have any questions / comments, please let me know.
Most Liked
riverrun
Last week I updated Openmaize to version 3.0.
The major changes are that I’ve added configurable logging to it and updated the installer (for Phoenix apps) and the wiki.
For anyone who is already using Openmaize, there are two other small changes:
- the default
unique_id(user-identifier) for the Login and OnetimePass modules is nowemail(instead of username). - the user map that is returned by the Openmaize Plugs now filters out certain keys to help prevent sensitive information being leaked
At the moment, the logging provides info and warn messages in logfmt format. The log level, though, can be changed by setting the log_level value in the config - and it can be turned off by setting this value to false.
Finally, many thanks to everyone who has contributed to this project, especially Christian Bäuerlein and Franco Bellagamba, who helped with the installer, Ben Sharman, who contributed to the logging feature, and Guido Tripaldi, who worked with me on making the OnetimePass Plug more secure.
riverrun
I’ve just released openmaize version 2.0, which uses Plug cookie-based sessions by default, and openmaize_jwt version 1.0, which uses JSON Web Tokens.
Here is the upgrade guide for openmaize, and
here is the upgrade guide for openmaize_jwt.
Here is an example app using openmaize, and here is
an example app using openmaize_jwt.
riverrun
Just released version 1.0 of Phauxth.
A couple of changes since the earlier post:
- Phauxth depends on Plug, but it no longer depends on Phoenix
- Phauxth uses a custom token implementation based Phoenix.Token
You can find more info at the wiki, and there is also a gitter room.
riverrun
The work on Openmaize is now going to be transferred to Phauxth.
With the changes made to Phoenix 1.3, I decided that this would be a good chance to make several changes myself – changes that I had thinking about for some time.
The major differences between Openmaize and Phauxth are:
- Phauxth is designed to be a lot more extensible
- rather than trying to satisfy every authentication need, I want to make it easy for developers to extend the core functionality
- Phauxth depends on Phoenix (so I can use Phoenix tokens)
riverrun
I’ve release version 1.0 (no beta).
Other news is that I’ve opened an issue about adding an option to use sessions instead of JWTs. It would be good to get some feedback about what developers would prefer.
There is also this issue about migrating from Rails / devise. I hope to be making some improvements to the documentation about this in the next few days.








