search

smpallen99 / coherence

Coherence is a full featured, configurable authentication system for Phoenix
MIT License
1.27k stars 224 forks source link

Compare/contrast with Guardian #47

Open scottmessinger opened 8 years ago

scottmessinger commented 8 years ago

Hi! This looks like a great project in a similar vein to guardian. It appears this does a ton of stuff Guardian isn't trying to do, but it would be super helpful to me to see a brief description in the Readme about when this is a better fit for my need than Guardian (or vice versa).

agustif commented 8 years ago

Probably same topic but with better title than https://github.com/smpallen99/coherence/issues/38

mayppong commented 8 years ago

As far as I can tell, this is different from guardian. guardian only seems to handle the route guarding. If you're not authenticate in ways that guardian accepts, it will prevent you from visiting that routes. That's all guardian seems to do. It seems mostly supplementary to ueberauth ecosystem which does the authentication.

coherence on the other hand also provide user management support like creating a new user, setting hashed password, inviting users, reset password and so on.

Based on my research/reading so far, nothing in ueberauth ecosystem actually does user management stuff. You can use ueberauth, uberauth_identity, and guardian in conjunction with coherence I think. That's what I'm intending to do anyway since I want to be able to also support Fb and Google login in my application aside from asking users to create accounts.

OvermindDL1 commented 7 years ago

Actually this is different in that Guardian is based on JWT's and thus is suitable for API endpoints only and should not be used with generic user registration (unless those are entirely stateless API driven).

:ueberauth is indeed the user authentication part, via custom registration, gmail, facebook, whatever, but it does not do the schema side of things, you do that part yourself, it only handles the authentication, not the storage. If coherence were to use ueberauth for its front-end logins that would open up a huge amount of capabilities for coherence, where coherence would use ueberauth for logins (local logins, gmail, facebook, whatever), coherence would handle the local login specifically, coherence would handle the database side of all of it, etc...