{"id":21927002,"url":"https://github.com/rzane/authenticator","last_synced_at":"2026-02-08T16:04:47.301Z","repository":{"id":57479086,"uuid":"118394051","full_name":"rzane/authenticator","owner":"rzane","description":"Provides the glue for authenticating HTTP requests.","archived":false,"fork":false,"pushed_at":"2018-03-27T15:05:54.000Z","size":38,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-07-13T22:53:16.441Z","etag":null,"topics":["authentication","authority","headers","plug","session"],"latest_commit_sha":null,"homepage":"https://hex.pm/packages/authenticator","language":"Elixir","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rzane.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-01-22T02:08:42.000Z","updated_at":"2020-01-19T02:37:52.000Z","dependencies_parsed_at":"2022-09-17T04:42:23.084Z","dependency_job_id":null,"html_url":"https://github.com/rzane/authenticator","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/rzane/authenticator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rzane%2Fauthenticator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rzane%2Fauthenticator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rzane%2Fauthenticator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rzane%2Fauthenticator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rzane","download_url":"https://codeload.github.com/rzane/authenticator/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rzane%2Fauthenticator/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267334166,"owners_count":24070513,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-27T02:00:11.917Z","response_time":82,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","authority","headers","plug","session"],"created_at":"2024-11-28T22:12:58.239Z","updated_at":"2026-02-08T16:04:43.006Z","avatar_url":"https://github.com/rzane.png","language":"Elixir","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Authenticator [![Build Status](https://travis-ci.org/rzane/authenticator.svg?branch=master)](https://travis-ci.org/rzane/authenticator)\n\nThis module provides the glue for authenticating HTTP requests.\n\nBy using `Authenticator`, you'll get the following functions:\n\n* `sign_in(conn, user)` - Sign a user in.\n* `sign_out(conn)` - Sign a user out.\n* `signed_in?(conn)` - Check if a user is signed in.\n\nYou'll also get the following plugs:\n\n* `plug :authenticate_session` - Authenticate a user from the session.\n* `plug :authenticate_header` - Authenticate a user from the `Authorization` header.\n* `plug :ensure_authenticated` - Make sure a user is signed in.\n* `plug :ensure_unauthenticated` - Make sure a user is _not_ signed in.\n\n## Installation\n\nThe package can be installed by adding `authenticator` to your list of dependencies in `mix.exs`:\n\n```elixir\ndef deps do\n  [{:authenticator, \"~\u003e 1.0.0\"}]\nend\n```\n\n## Usage\n\nTo use `Authenticator`, you'll need to define the following functions:\n\n* `tokenize(resource)` - Serialize the user into a \"token\" that can be stored in the session.\n* `authenticate(resource)` - Given a \"token\", locate the user.\n\nHere's an example implementation of an authenticator:\n\n```elixir\n# lib/my_app_web/authentication.ex\n\ndefmodule MyAppWeb.Authentication do\n  use Authenticator, fallback: MyAppWeb.FallbackController\n\n  alias MyApp.Repo\n  alias MyApp.Accounts.User\n\n  @impl true\n  def tokenize(user) do\n    {:ok, to_string(user.id)}\n  end\n\n  @impl true\n  def authenticate(user_id) do\n    case Repo.get(User, user_id) do\n      nil -\u003e\n        {:error, :unauthenticated}\n\n      user -\u003e\n        {:ok, user}\n    end\n  end\nend\n```\n\n## Session authentication\n\nIn your router, you'll define your plugs like so:\n\n```elixir\nimport MyAppWeb.Authenticator\n\npipeline :browser do\n  # snip...\n  plug :authenticate_session\nend\n\npipeline :authenticated do\n  plug :ensure_authenticated\nend\n\nscope \"/\", MyAppWeb do\n  pipe_through([:browser, :authenticated])\n\n  # declare protected routes here\nend\n```\n\nThe controller where you're implementing login might look like this:\n\n```elixir\ndef create(conn, %{\"email\" =\u003e email, \"password\" =\u003e password}) do\n  with {:ok, user} \u003c- MyApp.Accounts.authenticate({email, password}) do\n    conn\n    |\u003e MyAppWeb.Authentication.sign_in(user)\n    |\u003e redirect(to: \"/\")\n  end\nend\n\ndef destroy(conn, _params) do\n  conn\n  |\u003e MyAppWeb.Authentication.sign_out()\n  |\u003e redirect(to: \"/\")\nend\n```\n\n## API authentication\n\nIn your router, you'll define your plugs like so:\n\n```elixir\nimport MyAppWeb.Authentication\n\npipeline :browser do\n  # snip...\n  plug :authenticate_header\nend\n\npipeline :authenticated do\n  plug :ensure_authenticated\nend\n\nscope \"/\", MyAppWeb do\n  pipe_through([:browser, :authenticated])\n\n  # declare protected routes here\nend\n```\n\nThe controller where you're implementing login might look like this:\n\n```elixir\ndef create(conn, %{\"email\" =\u003e email, \"password\" =\u003e password}) do\n  with {:ok, user} \u003c- MyApp.Accounts.authenticate({email, password}),\n       {:ok, token} \u003c- MyAppWeb.Authenticator.tokenize(user) do\n    conn\n    |\u003e MyAppWeb.Authentication.sign_in(user, session: false)\n    |\u003e json(%{token: token})\n  end\nend\n\ndef destroy(conn, _params) do\n  conn\n  |\u003e MyAppWeb.Authentication.sign_out(session: false)\n  |\u003e send_resp(204, \"\")\nend\n```\n\n## Fallback\n\nWhen an error occurs, the `call/2` function of your fallback will be called. This is where you'd handle errors.\n\nSee [the Phoenix docs](https://hexdocs.pm/phoenix/Phoenix.Controller.html#action_fallback/1) for an example fallback controller.\n\n```elixir\ndefmodule MyAppWeb.FallbackController do\n  use Phoenix.Controller\n  import MyAppWeb.Router.Helpers\n\n  # This would mean that the `:ensure_authenticated` plug failed.\n  def call(conn, {:error, :unauthenticated}) do\n    case get_format(conn) do\n      \"html\" -\u003e\n        conn\n        |\u003e put_flash(:error, \"You need to sign in to continue.\")\n        |\u003e redirect(to: login_path(conn))\n        |\u003e halt()\n\n      \"json\" -\u003e\n        conn\n        |\u003e put_status(401)\n        |\u003e json(%{error: \"You need to sign in to continue.\"})\n        |\u003e halt()\n    end\n  end\n\n  # This would mean that the `:ensure_unauthenticated` plug failed.\n  def call(conn, {:error, :already_authenticated}) do\n    conn\n    |\u003e put_flash(:error, \"You are already signed in.\")\n    |\u003e redirect(to: page_path(conn, :index))\n    |\u003e halt()\n  end\nend\n```\n\n## Usage with Authority\n\n`Authenticator` works very nicely with [`Authority`](https://github.com/infinitered/authority) and [`Authority.Ecto`](https://github.com/infinitered/authority_ecto).\n\nHere's an example authenticator:\n\n```elixir\ndefmodule MyAppWeb.Authentication do\n  use Authenticator, fallback: MyAppWeb.FallbackController\n\n  @impl true\n  def tokenize(user) do\n    with {:ok, token} \u003c- MyApp.Accounts.tokenize(user) do\n      {:ok, token.token}\n    end\n  end\n\n  @impl true\n  def authenticate(token) do\n    MyApp.Accounts.authenticate(%MyApp.Accounts.Token{token: token})\n  end\nend\n```\n\n\u003e _Note:_ In the above example, we're serializing the user into a token. If you're using `Authority.Ecto`, tokens are stored in the database. The benefit of using a token (as opposed to the user's ID), is that we can revoke specific sessions by deleting tokens from the database.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frzane%2Fauthenticator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frzane%2Fauthenticator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frzane%2Fauthenticator/lists"}