search

riverrun / phauxth

Not actively maintained - Authentication library for Phoenix, and other Plug-based, web applications
409 stars 21 forks source link

Comeonin.Bcrypt.check_pass/3 is undefined (module Comeonin.Bcrypt is not available) #52

Closed kieranwild closed 6 years ago

kieranwild commented 6 years ago

I can't seem get the Login to work with pbkdf2. It is still finding the Bcrypt reference somewhere even though I never added it. mix phauxth.new

Mix.exs defp deps do [ {:phoenix, "~> 1.3.0"}, {:phoenix_pubsub, "~> 1.0"}, {:phoenix_ecto, "~> 3.2"}, {:postgrex, ">= 0.0.0"}, {:phoenix_html, "~> 2.10"}, {:phoenix_live_reload, "~> 1.0", only: :dev}, {:gettext, "~> 0.11"}, {:phauxth, "~> 1.2"}, {:pbkdf2_elixir, "~> 0.12"}, {:bamboo, "~> 0.8"}, {:cowboy, "~> 1.0"} ] end

user.ex defp put_pass_hash(%Ecto.Changeset{valid?: true, changes: %{password: password}} = changeset) do change(changeset, Comeonin.Pbkdf2.add_hash(password)) end

session_controller.ex def create(conn, %{"session" => params}) do case Login.verify(params, Accounts) do {:ok, user} -> session_id = Login.gen_session_id("F") Accounts.add_session(user, session_id, System.system_time(:second)) Phauxth.Login.verify(params, Alibaba.Accounts, crypto: Comeonin.Pbkdf2) Login.add_session(conn, session_id, user.id) |> login_success(user_path(conn, :index)) {:error, message} -> error(conn, message, session_path(conn, :new)) end end

Request: POST /sessions (exit) an exception was raised: (UndefinedFunctionError) function Comeonin.Bcrypt.check_pass/3 is undefined (module Comeonin.Bcrypt is not available) Comeonin.Bcrypt.check_pass(%Alibaba.Accounts.User{meta: #Ecto.Schema.Metadata<:loaded, "users">, email: "test@user.com", id: 3, inserted_at: ~N[2018-02-23 14:09:14.155021], password: nil, password_hash: "$pbkdf2-sha512$160000$lsXaMTkXhwirR.TXArvc4Q$Mrl8FKhXh7kMRdhbZB/B99BQ9c05p9q3bxgwf7HW6cdQDYkqhYBwBCyBdebMpaCMCmVmrbxvmULIjI1Apj6n3Q", sessions: %{}, updated_at: ~N[2018-02-23 14:09:14.157897]}, "password", []) (phauxth) lib/phauxth/login.ex:8: Phauxth.Login.verify/3 (alibaba) lib/alibaba_web/controllers/session_controller.ex:18: AlibabaWeb.SessionController.create/2 (alibaba) lib/alibaba_web/controllers/session_controller.ex:1: AlibabaWeb.SessionController.action/2 (alibaba) lib/alibaba_web/controllers/session_controller.ex:1: AlibabaWeb.SessionController.phoenix_controller_pipeline/2 (alibaba) lib/alibaba_web/endpoint.ex:1: AlibabaWeb.Endpoint.instrument/4 (phoenix) lib/phoenix/router.ex:278: Phoenix.Router.call/1 (alibaba) lib/alibaba_web/endpoint.ex:1: AlibabaWeb.Endpoint.plug_builder_call/2 (alibaba) lib/plug/debugger.ex:99: AlibabaWeb.Endpoint."call (overridable 3)"/2 (alibaba) lib/alibaba_web/endpoint.ex:1: AlibabaWeb.Endpoint.call/2 (plug) lib/plug/adapters/cowboy/handler.ex:15: Plug.Adapters.Cowboy.Handler.upgrade/4 (cowboy) /home/dankmeme/elixir/alibaba/deps/cowboy/src/cowboy_protocol.erl:442: :cowboy_protocol.execute/4

kieranwild commented 6 years ago

bamboo 0.8.0 certifi 2.0.0 comeonin 4.1.0 connection 1.0.4 cowboy 1.1.2 cowlib 1.0.2 db_connection 1.1.3 decimal 1.4.1 ecto 2.2.8 file_system 0.2.4 gettext 0.15.0 hackney 1.11.0 idna 5.1.0 metrics 1.0.1 mime 1.2.0 mimerl 1.0.2 pbkdf2_elixir 0.12.3 phauxth 1.2.3 phoenix 1.3.0 phoenix_ecto 3.3.0 phoenix_html 2.10.5 phoenix_live_reload 1.1.3 phoenix_pubsub 1.0.2 plug 1.4.5 poison 3.1.0 poolboy 1.5.1 postgrex 0.13.5 ranch 1.3.2 ssl_verify_fun 1.1.1 unicode_util_compat 0.3.1 I have upgraded the dependancies but I'm getting the same error

kieranwild commented 6 years ago

Erlang/OTP 20 [erts-9.1] [source] [64-bit] [smp:4:4] [ds:4:4:10] [async-threads:10] [hipe] [kernel-poll:false] Elixir 1.5.2

riverrun commented 6 years ago

When you call Login.verify, you need to add the option crypto: Comeonin.Pbkdf2.

Let me know how that works.

kieranwild commented 6 years ago

I have this in SessionController def create(conn, %{"session" => params}) do case Login.verify(params, Accounts) do {:ok, user} -> session_id = Login.gen_session_id("F") Accounts.add_session(user, session_id, System.system_time(:second)) Phauxth.Login.verify(params, Alibaba.Accounts, crypto: Comeonin.Pbkdf2) Login.add_session(conn, session_id, user.id) |> login_success(user_path(conn, :index)) {:error, message} -> error(conn, message, session_path(conn, :new)) end end

kieranwild commented 6 years ago

I changed it to the following and it worked:

def create(conn, %{"session" => params}) do case Login.verify(params, Accounts, crypto: Comeonin.Pbkdf2) do {:ok, user} -> session_id = Login.gen_session_id("F") Accounts.add_session(user, session_id, System.system_time(:second)) Login.add_session(conn, session_id, user.id) |> login_success(user_path(conn, :index))

  {:error, message} ->
    error(conn, message, session_path(conn, :new))
end

end

kieranwild commented 6 years ago

Thanks for swift help! 👍👍👍

riverrun commented 6 years ago

By the way, version 2 of Phauxth is coming soon, and I am thinking of removing the Login.verify function, as I don't think it offers much - it's just as easy to use Comeonin directly.

Anyway, when version 2 comes out, I will be updating the example and the installer, so that it will keep the existing functionality, and there will be an upgrade guide as well.