[Aeacus - The holder of keys](https://en.wikipedia.org/wiki/Aeacus)
======
A simple, secure, and highly configurable Elixir identity [username | email | id | etc.]/password authentication module to use with Ecto.
[](https://travis-ci.org/zmoshansky/aeacus) [](https://hex.pm/packages/aeacus) [](https://hex.pm/packages/aeacus) [](https://github.com/zmoshansky/aeacus/issues) [](https://github.com/zmoshansky/aeacus/pulls)
#### Description ####
Aeacus only performs authentication, making it well suited for integration with session storage, or a token system; like [Guardian](https://github.com/hassox/guardian). Alternatively, this could be used directly over a secure (HTTPS) connection with [HTTP Basic Auth](https://en.wikipedia.org/wiki/Basic_access_authentication); But, it is highly discouraged as there is a greater security risk, due to repeatedly sending your authentication information to the server, only relying on TLS for security.
#### Requirements ####
Aeacus requires that you have an Ecto model that has UNIQUE(identity_field) and password_field. These fields can be configured to easily match your schema, whether it be `username`, `email`, or `pass`, `password`, `hash`, `hashed_password`, etc. Of course, the passwords must be stored using the same crypto system as Aeacus; The password should be salted and hashed, plaintext is heavily discouraged. See the tests for examples.
#### Config ####
You must set the `:repo` and `:model` for Aeacus. The other options have sane defaults.
```
config :aeacus, Aeacus,
repo: MyApp.Repo,
model: MyApp.User,
# Optional, The following are the default options
crypto: Comeonin.Pbkdf2,
identity_field: :email,
password_field: :hashed_password,
error_message: "Invalid identity or password."
```
#### Example Session Controller ####
`Aeacus.Authenticator.authenticate` expects a `Map` with keys `:identity`, and `:password`. Alternatively, `Aeacus.Authenticator.authenticate_resource` can be used if a resource is already loaded.
```
defmodule MyApp.SessionController do
def create(conn, params) do
case Aeacus.Authenticator.authenticate %{identity: params[:email], password: params[:pass]} do
{:ok, user} -> CreateTokenOrCookie
{:error, message} -> DisplayAuthenticationScreenAgain
end
end
end
```