/comeonin_ecto_password

Ecto type for saving encrypted passwords using Comeonin

Primary LanguageElixirBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

Comeonin Ecto Password

help maintain this lib

A custom Ecto type for storing encrypted passwords using Comeonin

For ecto 1 compatibility use the ecto-1 branch.

Usage

On your schema, define secure fields with this type:

field :password, Comeonin.Ecto.Password

Then on your changeset simply cast from plain-text params

cast(changeset, params, ~w(password), ~w())

After casting the password will already be encrypted in the changeset, and can be saved to your table's string column.

To check for validity, do something like:

user = Repo.get_by User, email: "me@example.org"
Comeonin.Ecto.Password.valid?("plain_password", user.password)

Configuration

In your environment file, choose one of Comeonin.Pbkdf2 or Comeonin.Bcrypt

config :comeonin, Ecto.Password, Comeonin.Pbkdf2

# when using pkbdf2
config :comeonin, :pbkdf2_rounds, 120_000
config :comeonin, :pbkdf2_salt_len, 512

# when using bcrypt
config :comeonin, :bcrypt_log_rounds, 14

Also, be sure to look at comeonin config

Installation

Available in Hex, the package can be installed as:

  1. Add comeonin_ecto_password to your list of dependencies in mix.exs:
def deps do
  [{:comeonin_ecto_password, "~> 2.0.0"}]
end
  1. Ensure comeonin is started before your application:
def application do
  [applications: [:comeonin]]
end