(no title)
QuinnWilton | 8 years ago
For example, when I last read through the codebase it was common to find features that simply wouldn't work, because the code referenced hardcoded parts of the sample application.
You'll also going to run into a lot of issues trying to migrate off of Coherence if you ever need to support anything other than form based username / password login.
I think it really is worth the effort to go with Ueberauth [0]. You'll need to do more work upfront, but the maintainability gains will quickly pay off. You can even use :ueberauth_identy [1] to provide username / password based auth without too much trouble.
enraged_camel|8 years ago
I don't agree about ueberauth though. It assumes too much knowledge on the part of the developer, and is insufficient if one is looking for a "plug and play" authentication solution. I used it with Guardian but in the end moved away from it because using JWTs for authentication is just not a good idea.
QuinnWilton|8 years ago
Ueberauth definitely isn't a turnkey solution, but I'm not convinced that turnkey solutions for authentication are possible for real use cases. It's only going to be so long before you run into a customer that needs to integrate you into their SSO provider, and even Devise isn't going to help you then.
What Ueberauth needs, in my opinion, is a hex, built on ueberauth_identity, that adds support for everything people have grown accustomed to from Devise, like password resets, out of the box. You'll still need to do the manual work of mapping credentials to your user resource, but at least you'll be leaving yourself open to eventually supporting other authentication methods, without too much carrying cost in the meantime.
Elixir will get there eventually though :)