asobi_auth_tokens (asobi v0.35.4)

View Source

Issues and revokes player auth tokens on top of nova_auth_refresh.

Every login path (password and OAuth) funnels through issue/2,3 so the client always receives the same access + refresh pair. revoke_access/1 kills the presented access token on logout so it can't outlive the cache TTL.

Summary

Functions

Issue an access + refresh pair for Player and build the JSON response.

Like issue/2 but merges Extra (e.g. username) into the response body.

Revoke the Bearer access token on the request (logout of this device).

Functions

issue(Player, Status)

-spec issue(map(), integer()) -> {json, integer(), map(), map()}.

Issue an access + refresh pair for Player and build the JSON response.

issue(Player, Status, Extra)

-spec issue(map(), integer(), map()) -> {json, integer(), map(), map()}.

Like issue/2 but merges Extra (e.g. username) into the response body.

revoke_access(Req)

-spec revoke_access(cowboy_req:req()) -> ok.

Revoke the Bearer access token on the request (logout of this device).