AshAuthentication.Phoenix.TokenRevocationNotifier (ash_authentication_phoenix v3.0.0-rc.6)

View Source

An Ash notifier that broadcasts LiveView disconnect messages when tokens are revoked.

When a user signs out, this notifier broadcasts a "disconnect" message to all configured Phoenix endpoints, causing any LiveView sessions using that token's JTI to be disconnected.

Configuration

To use this notifier, add it to your token resource and configure the required DSL options:

defmodule MyApp.Accounts.Token do
  use Ash.Resource,
    extensions: [AshAuthentication.TokenResource],
    simple_notifiers: [AshAuthentication.Phoenix.TokenRevocationNotifier]

  token do
    endpoints [MyAppWeb.Endpoint]
    live_socket_id_template &("users_sessions:#{&1["jti"]}")
  end
end

Then in your auth controller, call set_live_socket_id/2 on sign-in to set the socket ID in the session:

def success(conn, _activity, user, token) do
  conn
  |> store_in_session(user)
  |> set_live_socket_id(token)
  |> redirect(to: ~p"/")
end

Summary

Functions

load(_, _)

Callback implementation for Ash.Notifier.load/2.

requires_original_data?(_, _)

Callback implementation for Ash.Notifier.requires_original_data?/2.

Functions

load(_, _)

Callback implementation for Ash.Notifier.load/2.

requires_original_data?(_, _)

Callback implementation for Ash.Notifier.requires_original_data?/2.