Hora

Assumption free, adapter based password management for Elixir.

Installation

This package can be installed by adding hora to your list of dependencies in mix.exs:

def deps do
  [
    {:hora, "~> 1.0.0"},
    {:comeonin, "~> 3.0"}, # optional, needed for bcrypt and pbkdf2_sha512 support
    {:ecto, "~> 2.1"} # optional, needed for changeset support
  ]
end

Adapters

Hora takes an adapter based strategy for defining the cryptographic functions used to secure passwords. We provide support for bcrypt and pbkdf2_sha512 but it's possible to use your own custom adapters as well.

• Hora.Adapter.Bcrypt
• Hora.Adapter.Pbkdf2

Usage

iex> Hora.verify_password("uncrypted_password", "crypted_password")

iex> Hora.secure_password("uncrypted_password")

Ecto

defmodule MyModule do
  use Ecto.Schema

  schema "my_schema" do
    field :password,        :string, virtual: true
    field :password_digest, :string
  end

  def changeset(schema, params) do
    schema
    |> cast(params, [:password])
    |> Hora.Changeset.put_secure_password(:password, :password_digest)
  end
end

Configuration

You can define which adapter to use and it's options in one of two ways:

1. Through application configuration

Example

config :hora,
  adapter: Hora.Adapter.Bcrypt,
  adapter_options: [log_rounds: 14]

2. When using the Hora functions:

Example

Hora.secure_password("uncrypted_password", adapter: Hora.Adapter.Bcrypt)

Hora.verify_password("uncrypted_password", "crypted_password", adapter: Hora.Adapter.Bcrypt)

Hora.Changeset.put_secure_password("uncrypted_password", adapter: Hora.Adapter.Bcrypt)