Thanks to visit codestin.com
Credit goes to Github.com

Skip to content
/ comeonin Public
forked from riverrun/comeonin

Password authorization (bcrypt, pbkdf2_sha512) library for Elixir

hex.pm/packages/comeonin

License

View license
0 stars 64 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Joe-noh/comeonin

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

68 Commits
c_src
c_src
 
 
config
config
 
 
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
Makefile.win
Makefile.win
 
 
README.md
README.md
 
 
mix.exs
mix.exs
 
 
mix.lock
mix.lock
 
 

Repository files navigation

Comeonin Build Status Hex.pm Version

Password authorization (bcrypt, pbkdf2_sha512) library for Elixir.

This library is intended to make it very straightforward for developers to authorize users in as secure a manner as possible.

Comeonin now supports bcrypt and pbkdf2_sha512.

Features

  • Comeonin uses the most secure, up-to-date hashing schemes.
  • It is easy to use.
    • There are several convenience functions to make authorizing users easier.
    • Salts are generated by default.
    • Each function has sensible, secure defaults.
  • It provides good documentation.

Installation

  1. Add comeonin to your mix.exs dependencies
defp deps do
  [ {:comeonin, "~> 0.2"} ]
end
  1. List :comeonin as an application dependency
def application do
  [applications: [:logger, :comeonin]]
end
  1. Run mix do deps.get, compile

Usage

Either import or alias the algorithm you want to use -- either Comeonin.Bcrypt or Comeonin.Pbkdf2.

Both algorithms use similar naming conventions so as to make it easy to switch between them. Both have the hashpwsalt function, which is a convenience function that automatically generates a salt and then hashes the password.

To hash a password with the default options:

hash = hashpwsalt("difficult2guess")

See each module's documentation for more information about all the available options.

To check a password against the stored hash, use the checkpw function. This takes two arguments: the plaintext password and the stored hash:

checkpw(password, stored_hash)

There is also a dummy_checkpw function, which takes no arguments and is to be used when the username cannot be found. It performs a hash, but then returns false. This can be used to make user enumeration more difficult.

Documentation

http://hexdocs.pm/comeonin

Requirements

OTP version 17.3 or later

Status

The bcrypt implementation is based on the latest OpenBSD version, which fixed a small issue that affected some passwords longer than 72 characters. It has been thoroughly tested in a development environment, but it has not had much testing in production.

Comeonin has been tested on Linux, OS X and FreeBSD, but it has not been tested on Windows. If you have any problems with the build, please let us know.

License

BSD. For full details, please read the LICENSE file.

About

Password authorization (bcrypt, pbkdf2_sha512) library for Elixir

hex.pm/packages/comeonin

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 61.1%
  • Elixir 38.0%
  • Makefile 0.9%