auth_plug v1.2.0 AuthPlug

AuthPlug handles all our auth needs in just a handful of lines of code. Please see README.md for setup instructions.

Link to this section Summary

Functions

call/2 is invoked to handle each HTTP request which auth_plug protects. If the conn contains a valid JWT in Authentication Headers, jwt query parameter or Phoenix Session, then continue to the protected route, else redirect to the auth_url with the referer set as the continuation URL.

create_jwt_session/2 recieves a conn (Plug.Conn) and claims e.g: %{email: "person@dwyl.com", id: 1}. Signs a JWT which gets attached to the session. This is super-useful in testing as we can simply invoke create_jwt_session(conn, %{email: "al@ex.co", id: 1}) and continue the request pipeline with a valid session.

create_session/2 takes a conn, claims and a JWT and creates the session using Phoenix Sessions and the JWT as the value so that it can be checked on each future request. Makes the decoded JWT available in conn.assigns which means it can be used in templates.

init/1 initialises the options passed in and makes them available in the lifecycle of the call/2 invocation (below). We pass in the auth_url key/value with the URL of the Auth service to redirect to if session is invalid/expired.

Link to this section Functions

Link to this function

call(conn, options)

call/2 is invoked to handle each HTTP request which auth_plug protects. If the conn contains a valid JWT in Authentication Headers, jwt query parameter or Phoenix Session, then continue to the protected route, else redirect to the auth_url with the referer set as the continuation URL.

Link to this function

create_jwt_session(conn, claims)

create_jwt_session/2 recieves a conn (Plug.Conn) and claims e.g: %{email: "person@dwyl.com", id: 1}. Signs a JWT which gets attached to the session. This is super-useful in testing as we can simply invoke create_jwt_session(conn, %{email: "al@ex.co", id: 1}) and continue the request pipeline with a valid session.

Link to this function

create_session(conn, claims, jwt)

create_session/2 takes a conn, claims and a JWT and creates the session using Phoenix Sessions and the JWT as the value so that it can be checked on each future request. Makes the decoded JWT available in conn.assigns which means it can be used in templates.

init/1 initialises the options passed in and makes them available in the lifecycle of the call/2 invocation (below). We pass in the auth_url key/value with the URL of the Auth service to redirect to if session is invalid/expired.

Link to this function

put_current_token(conn, jwt, values)