Passport
========
Passport provides authentication for [Phoenix](http://github.com/phoenixframework/phoenix) applications.
How to use?
----------
* add `passport` to your phoenix project's `mix.exs`
```
defp deps do
...
{:passport, "~> 0.1"}
...
end
```
* run `mix deps.get, compile` to download and compile the dependency.
* create an ecto model for your user with fields `email` and `crypted_password`. You may add additional fields if you need. Typically you can create a model in phoenix using the below command
`mix phoenix.gen.model YourApp.User users email crypted_password`
* edit your project's `config/config.exs` file and configure passport. Passport basically needs to know the Repo name and the user module name.
```
config :passport,
repo: YourApp.Repo,
user_class: YourApp.User,
```
Routes
-----
Passport does not create routes or controllers for you. Rather, it only provides easy to use module and methods that you can use in your own router and controller. Overriding default routes and controllers have been one of the pain that I wanted to avoid in passport.
Add the following routes to your router.ex. Change the path/controller name as per your application's needs.
```
scope "/", YourApp do
...
get "/login", SessionController, :new
post "/login", SessionController, :create
get "/logout", SessionController, :delete
get "/signup", RegistrationController, :new
post "/signup", RegistrationController, :create
end
```
Here we assume that
SessionController
* login form is shown in the url '/login' (GET)
* login form gets submitted to the url '/login' (POST)
* user get logout when visiting the path '/logout' (GET)
RegistrationController
* registration form is shown in the url '/signup' (GET)
* registration form gets submitted to the url '/signup' (POST)
Sample session_controller.ex
-------------------
```
defmodule YourApp.SessionController do
use YourApp.Web, :controller
alias Passport.SessionManager
alias YourApp.User
plug :action
def new(conn, _params) do
render conn, "new.html"
end
def create(conn, %{"session" => session_params}) do
case SessionManager.login(conn, session_params) do
{:ok, conn, user} ->
conn
|> put_flash(:info, "Login succesful.")
|> redirect(to: page_path(conn, :index))
{:error, conn} ->
conn
|> put_flash(:info, "Email or password incorrect.")
|> redirect(to: page_path(conn, :index))
end
end
def delete(conn, _params) do
SessionManager.logout(conn)
|> put_flash(:info, "Logged out succesfully.")
|> redirect(to: page_path(conn, :index))
end
end
```
Sample registration_controller.ex
-------------------
```
defmodule YourApp.RegistrationController do
use YourApp.Web, :controller
alias YourApp.User
alias Passport.RegistrationManager
plug :action
def new(conn, _params) do
conn
|> put_session(:foo, "bar")
|> render("new.html")
end
def create(conn, %{"registration" => registration_params}) do
case RegistrationManager.register(registration_params) do
{:ok} -> conn
|> put_flash(:info, "Registration success")
|> redirect(to: page_path(conn, :index))
_ -> conn
|> put_flash(:info, "Registration failed")
|> redirect(to: page_path(conn, :index))
end
end
end
```
Sample session/new.html for displaying login form
-------------
```
<%= form_for @conn, session_path(@conn, :create), [name: :session], fn f -> %>
<div class="form-group">
<label>Email</label>
<%= text_input f, :email, class: "form-control" %>
</div>
<div class="form-group">
<label>Password</label>
<%= text_input f, :password, class: "form-control" %>
</div>
<div class="form-group">
<%= submit "Login", class: "btn btn-primary" %>
</div>
<% end %>
```
Sample registration/new.html for displaying login form
-------------
```
<%= form_for @conn, registration_path(@conn, :create), [name: :registration], fn f -> %>
<div class="form-group">
<label>Email</label>
<%= text_input f, :email, class: "form-control" %>
</div>
<div class="form-group">
<label>Password</label>
<%= text_input f, :password, class: "form-control" %>
</div>
<div class="form-group">
<%= submit "Signup", class: "btn btn-primary" %>
</div>
<% end %>
```
Convenient Shorthands
-------------------
Passport allows to check if an user is signed in or not. You can import the following in web.ex
```
def view do
quote do
...
import Passport.SessionManager, only: [current_user: 1, logged_in?: 1]
...
end
end
```
Then inside your views you can call both `current_user` and `logged_in?` as below:
```
<%= if logged_in?(@conn) do %>
<%= current_user(@conn).email %>
<% end %>
```