PlugPassword — secure your Plug-based application
At netguru, we use rack_password to secure our internal environments of projects such as integration or staging. What it does is basically storing the password in a cookie for each domain and if it’s not present, then it renders a form for the password. We could use basic authentication but it has a couple of downsides:
- Password managers such as 1password don’t work easily with browser native dialogs,
- It requires you to remember two different phrases instead of just one.
In my free time, I implemented similar thing in Elixir and called it PlugPassword. Since Plug is an equivalent of Rack in Ruby world, I implemented it on the same level so it works not only with Phoenix applications but also with simple Plug-based apps.
It offers multiple options to customize your authentication process and you can learn more about them in the readme or in the hexdocs. If you will see some issues or you think that something could be added, don’t be a stranger and feel free to send a pull request.