A username/password Strategy for Überauth
Latest commit d3ea795 Jan 18, 2017 @xtian xtian committed with doomspork Fix warnings for Elixir 1.4.0 (#16)
* Only test oldest and newest Elixir/OTP pairs on Travis

* Fix parentheses warnings for Elixir 1.4

Elixir 1.4 outputs warnings for function/variable ambiguity:

warning: variable "default_options" does not exist and is being expanded
to "default_options()", please use parentheses to remove the ambiguity
or change the variable name

* Dict -> Keyword

The `Dict` module is deprecated:

warning: Dict.get/3 is deprecated, use the Map module for working with
maps or the Keyword module for working with keyword lists

* README: Use svg for Travis badge

* Drop support for Elixir 1.1


Überauth Identity

Build Status Hex Version License

A simple username/password strategy for Überauth.


  1. Add :ueberauth_identity to your list of dependencies in mix.exs:

    def deps do
      [{:ueberauth_identity, "~> 0.2"}]
  2. Add the strategy to your applications:

    def application do
      [applications: [:ueberauth_identity]]
  3. Add Identity to your Überauth configuration:

    config :ueberauth, Ueberauth,
      providers: [
        identity: {Ueberauth.Strategy.Identity, [
          callback_methods: ["POST"]
  4. Include the Überauth plug in your controller:

    defmodule MyApp.AuthController do
      use MyApp.Web, :controller
      plug Ueberauth
  5. Create the request and callback routes if you haven't already:

    scope "/auth", MyApp do
      pipe_through :browser
      get "/:provider", AuthController, :request
      get "/:provider/callback", AuthController, :callback
      post "/identity/callback", AuthController, :identity_callback
  6. Your request phase handler should implement a form or similar method to collect the required login information.

  7. The controller callback should validate login information using the Ueberauth.Auth struct:

    def identity_callback(%{assigns: %{ueberauth_auth: auth}} = conn, params) do
      case validate_password(auth.credentials) do
        :ok ->
          user = %{id: auth.uid, name: name_from_auth(auth), avatar: auth.info.image}
          |> put_flash(:info, "Successfully authenticated.")
          |> put_session(:current_user, user)
          |> redirect(to: "/")
        { :error, reason } ->
          |> put_flash(:error, reason)
          |> redirect(to: "/")

For an example implementation see the Überauth Example application.

Nested form attributes

Sometimes it's convenient to nest the returned params under a namespace. For example if you're using a "user" form, your params may come back as:

  %{ "user" => { "email" => "my@email.com" … }

If you're using a nested set of attributes like this you'll need to let Überauth Identity know about it. To do this set an option in your config:

    config :ueberauth, Ueberauth,
      providers: [
        identity: {Ueberauth.Strategy.Identity, [param_nesting: "user"]}

Params scrubbing

By default Überauth Identity will be changing empty values from the returned params to nil. If you want to disable that behaviour set the following option in your config:

    config :ueberauth, Ueberauth,
      providers: [
        identity: {Ueberauth.Strategy.Identity, [scrub_params: false]}


Depending on the configured url you can initial the request through:



Please see LICENSE for licensing details.