Skip to content
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
84 lines (58 sloc) 2.45 KB

SansPassword Build Status

Passwordless authentication helpers for Guardian.

Take a look at the demo app.


Add sans_password to your list of dependencies in mix.exs:

def deps do
  [{:sans_password, "~> 1.0.0-beta"}]

Next, follow Guardian's installation instructions to setup a Guardian module.

Now, you should have a Guardian module, so you can sprinkle in SansPassword.

defmodule MyApp.Guardian do
  use Guardian, otp_app: :my_app
  use SansPassword


  @impl true
  def deliver_magic_link(user, magic_token, extra_params) do
    |> MyMailer.magic_link_email(magic_token, extra_params)
    |> MyMailer.deliver

SansPassword uses two token types:

  • magic - This token will be sent to your users in an email. They are very short-lived and will be sent to your users via email. This token will be included in the "magic link" to your app.
  • access - This token will allow your users to request content from your app.

This part is VERY important, you need to configure the TTLs for the token types that SansPassword uses:

config :guardian, MyApp.Guardian,
  secret_key: "super secret key",
  issuer: "my_app",
  token_ttl: %{
    "magic" => {30, :minutes},
    "access" => {1, :days}


SansPassword provides just a few convenience functions.

# We'll assume you have a user record
{:ok, user} = Repo.insert(%User{email: ""})

# Send a login link that will allow the user to login
{:ok, magic_token, _claims} = MyApp.Guardian.send_magic_link(user)

# If you're building an API, you'll probably want to convert the magic token to an access token
{:ok, access_token, _claims} = MyApp.Guardian.exchange_magic(magic_token)

# If you're storing sessions, you can sign your users in like this
{:ok, user, _claims} = MyApp.Guardian.decode_magic(magic_token)

Trackable (optional)

To track your users sessions, see guardian_trackable.

Accessing the current user

Under the hood, SansPassword just uses Guardian, so to get the current user, just say:

You can’t perform that action at this time.