Closed dsignr closed 5 years ago
Version 2.1 of Phauxth is now using version 5 of Comeonin, and the main change, as far as Phauxth is concerned, is that Comeonin is now not called directly.
The changes you will need to make are:
Comeonin.Argon2
in the config file to Argon2
Comeonin.Argon2.add_hash
to Argon2.add_hash
I added a note about this to the Gitter channel and updated the UPGRADE_v2 guide, but it's not always easy to let everyone know when there is a change.
Thanks David, I missed that. Probably because I was already on 2.0.0 so, must have totally missed it. Ok, I fixed as you have mentioned and now I'm being hit with this:
Request: POST /api/core
** (exit) an exception was raised:
** (FunctionClauseError) no function clause matching in MyAppWeb.Auth.Login.report/2
(myapp) lib/myapp_web/auth/login.ex:7: MyAppWeb.Auth.Login.report(:ok, [])
Inside my auth/login.ex
:
defmodule MyAppWeb.Auth.Login do
@moduledoc """
Custom login module that checks if the user is confirmed before
allowing the user to log in.
"""
use Phauxth.Login.Base
alias Comeonin.Argon2
alias MyApp.IAM
@impl true
def authenticate(%{"password" => password} = params, _, opts) do
case IAM.get_by(params) do
nil -> {:error, "no user found"}
%{confirmed_at: nil} -> {:error, "account unconfirmed"}
user -> Argon2.check_pass(user, password, opts)
end
end
end
Seems like a struct mismatch within the report
function. I can probably override it, but not sure it is a bug..
Ok, I found out the issue. In this callback:
@impl true
def authenticate(%{"password" => password} = params, _, opts) do
case IAM.get_by(params) do
nil -> {:error, "no user found"}
%{confirmed_at: nil} -> {:error, "account unconfirmed"}
user -> Argon2.check_pass(user, password, opts)
end
end
The success case returns just :ok
, instead of the tuple {:ok, user}
that the report function is expecting.
@impl true
def authenticate(%{"password" => password} = params, _, opts) do
case IAM.get_by(params) do
nil -> {:error, "no user found"}
%{confirmed_at: nil} -> {:error, "account unconfirmed"}
user -> {Argon2.check_pass(user, password, opts), user} # <--- Changing it to this solved it
end
end
Since it's a callback implementation, I don't think it's a bug per se, but then again, I'm upgrading from Phauxth 2.0.0 to 2.1.0, so my implementation hasn't changed, but seems like, as you have mentioned, the Argon function has changed.
You need to remove the alias Comeonin.Argon2
line
This commit shows the changes that I made to the example app to upgrade it to 2.1
You need to remove the
alias Comeonin.Argon2
line
That was it! I can confirm this was the issue. Thanks David. Should I close this issue now?
Glad to hear it's now fixed. I will close this issue now. I have made a few changes to the UPGRADE guide to make things a little clearer.
Thank you David!
Environment
Phauxth 2.1, Argon 2.0
Current behavior
Getting this error from inside my User model, specifically at the
put_pass_hash
function and throws out a 500 server error.On inspection, there is a warning right before the 500 error:
My
user.ex
:Expected behavior
There should be no errors and warnings.
Additional information
This is happening solely due to the
put_pass_hash
function in the user model. Downgrading to Phauxth 2.0 and Argon 1.2 is the current solution.