|
|
|
|
|
|
by enraged_camel
3007 days ago
|
|
|
I agree about Coherence. It's good for starter apps, but becomes a liability for anything more serious. Like you say, too much stuff is hardcoded, and moving away from it is painful. I don't agree about ueberauth though. It assumes too much knowledge on the part of the developer, and is insufficient if one is looking for a "plug and play" authentication solution. I used it with Guardian but in the end moved away from it because using JWTs for authentication is just not a good idea. |
|
|
Ueberauth definitely isn't a turnkey solution, but I'm not convinced that turnkey solutions for authentication are possible for real use cases. It's only going to be so long before you run into a customer that needs to integrate you into their SSO provider, and even Devise isn't going to help you then.
What Ueberauth needs, in my opinion, is a hex, built on ueberauth_identity, that adds support for everything people have grown accustomed to from Devise, like password resets, out of the box. You'll still need to do the manual work of mapping credentials to your user resource, but at least you'll be leaving yourself open to eventually supporting other authentication methods, without too much carrying cost in the meantime.
Elixir will get there eventually though :)