Auth
with love by Dave and Allen
![](https://s3.amazonaws.com/media-p.slid.es/uploads/10373/images/6715294/phoenix.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/10373/images/6715295/elixir.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/10373/images/6715297/ecto.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/10373/images/6715308/oauth2.png)
Tools
Oauth Provider
Authentication
Oauth
Client
Password
User Management
OAuth
![](https://s3.amazonaws.com/media-p.slid.es/uploads/10373/images/6715255/authorization.png)
Data Model
![](https://s3.amazonaws.com/media-p.slid.es/uploads/10373/images/6715434/Screen_Shot_2019-10-30_at_11.30.13_AM.png)
Oauth Provider
Authentication
Oauth
Client
Password
User Management
Login
![](https://s3.amazonaws.com/media-p.slid.es/uploads/10373/images/6715272/login.png)
Data Model
![](https://s3.amazonaws.com/media-p.slid.es/uploads/10373/images/6711666/Screen_Shot_2019-10-29_at_1.53.22_PM.png)
Oauth Provider
Authentication
Oauth
Client
Password
User Management
User Management
- Create user flow
- Password reset flow
- Modification syncing (soon to be gone)
- API's
- Update user (name, password, admin, etc)
- Password reset
- Create user and activation (soon)
- GDPR (soon)
Where'd the Time Go?
Export
- Understand the data models already existing in VMA and SB
- Reconciling poor data constraints
- multiple associated records for has_one in VMA
- multiple users with same email in SB
- Test runs of export to verify things worked correctly
"Fun" Backwards Compatibility Features
- Reprompting for password on old sessions
- Account specific logos
- Managers creating accounts
- Managers visiting activation links to set passwords
- Managers generating password resets on behalf of users
- Various tracking things
Login, Account Selection, and Lapsed Accounts
- VMA loved sending you to the login page when you're already logged in
- This caused infinite redirects because in Auth, you were already logged in
- We switched it to sending the user to the account selection page
- Sending people to the account selection page prevents them from accessing lapsed accounts
- We changed how current_account is detected for the oauth callback; it's based on where you were trying to access before you were forced to login
Questions?
Auth
By blatyo
Auth
- 879