This post is mirrored from it's original location on the Alembic blog.
We're extremely pleased to announce the first public release of ash_authentication and ash_authentication_phoenix. Ash Authentication allows you to authenticate users in your Elixir applications using a simple DSL on your Ash resources.
Using Ash Authentication saves you the time, effort and maintenance burden of implementing your own solution. This improves significantly upon hand rolling or generating code because you rely on a library to implement authentication rather than managing that code yourself making it much more secure.
What is Ash?
Ash Framework is a declarative, resource-oriented application development framework for Elixir. Resources can model anything; a database table, an external API, or even your own code. See the recent 2.0 announcement here.
You can think of Ash as a standardised way to model and build your applications by composing features together. It takes care of the common requirements of building an Elixir application so you can focus on building the parts that make your application special.
Ash Authentication fits neatly into the Ash ecosystem by defining a handful of extensions which can modify Ash resources to add new functionality. The ability of Ash to be extended is what makes Ash so powerful. In fact, Ash's own resources and APIs are extensions!
What is Ash Authentication?
Ash Authentication is a drop-in authentication solution for users of the Ash framework who want to provide password-based or social sign-in via OAuth 2.0.
defmodule MyApp.Accounts.User do use Ash.Resource, extensions: [AshAuthentication] authentication do api MyApp.Accounts strategies do password do identity_field :email end end end end
Current features include:
- Registration and sign-in using passwords.
- Registration and sign-in using OAuth 2.0.
- Confirmation and reset flows.
- Extensible LiveView components.
- Predefined configuration for Auth0 and GitHub sign-in with more coming soon.
- Works with or without Phoenix.
Why Ash Authentication?
Critically, Ash Authentication is not a code generator, but an extension to the Ash ecosystem of declaratively defined applications. This means that you'll receive security updates, performance improvements or new features just like any other Elixir library - with a simple
mix deps.update. Additionally, it can be extended to provide new and novel authentication systems by third-party extensions or your own team.
Importantly, all the authentication code lives in the library, so you'll never have to manage generated or hand written code in your own app. Stop worrying about security or updating generated code as it drifts over time.
We have a lot of exciting new features planned for Ash Authentication, including two factor authentication, lots more pre-configured social sign in options, and the ability to act as an OAuth2 provider allowing other apps to sign into your app.
If you feel Ash Authentication is missing something important then please feel free to raise an issue.
Can I use it in my app?
Yes. We've put a lot of effort into making sure that the code is well structured and safe by default. It is in production already in several applications, including Ash HQ and a handful of community owned apps from which we've received and addressed a lot of feedback. With that said, this is a new library that hasn't seen wider production usage, so by all means try it out but please don't use it for anything you would consider mission critical just yet.
With the help of the community, we'll be addressing feedback and issues as they arise. The benefit of the Ash approach is that any issues that are resolved and released will be available to your app via a simple upgrade of the Ash Auth dependency.
I'm interested, now what?
😎 Happy Coding! 😎
- Getting Started Guide
- Ash Auth Documentation
- Ash Discord