Back to features

User Authentication

Generates a complete authentication system for Phoenix applications using Phoenix's built-in phx.gen.auth generator, extended with role-based access control, user profiles, and admin functionality. This feature provides a production-ready authentication foundation with minimal setup.

Key Benefits

  • Complete auth scaffolding - Generates users table, authentication logic, and LiveView components in one command
  • Role-based access control - Built-in user roles (user, admin, superuser) with automatic admin assignment
  • Extended user profiles - Includes name fields, locale, timezone, and flexible embedded data storage
  • Admin bootstrapping - Automatically promotes first user to superuser and supports admin email configuration

Implementation Details Uses Phoenix's mix phx.gen.auth as the foundation, then extends the generated User schema with additional fields including role enum, profile information, and soft deletion support. The system includes custom changesets for profile updates separate from authentication changes, and implements automatic role assignment based on configuration.

Usage Example

# Update user profile without affecting authentication
{:ok, user} = Users.update_user(user, %{
  name: "John Doe",
  locale: "en",
  timezone: "America/New_York"
})

# Role-based access in controllers
defp require_admin(conn, _opts) do
  if conn.assigns.current_user.role in [:admin, :superuser] do
    conn
  else
    # Handle unauthorized access
  end
end

Configuration Requires configuration in config.exs to define admin emails and enable first-user promotion. The system supports embedding additional user data through the flexible data field, and includes comprehensive test coverage for both authentication and profile management features.