AuthN v0.2.0 AuthZ.AuthorizationPlugMixin behaviour
Allows creating a plug that enforces authorization for protected routes.

A user-defined module must use this module, which makes the user module a plug, and implement the handle_authorization/3 and handle_authentication_error/2 callbacks. Both callbacks receive a Plug.Conn struct and an atom identifying the set of routes that require authorization, and must return a Plug.Conn struct; handle_authorization/3 additionally receives the logged-in user.

Example:

    defmodule MyAppWeb.Plugs.EnsureAuthorized do
      use AuthZ.AuthorizationPlugMixin

      import Plug.Conn
      import Phoenix.Controller

      alias MyApp.Accounts.User

      def handle_authentication_error(conn, :admin_routes),
        do: conn |> put_status(401) |> text("unauthenticated") |> halt()

      def handle_authorization(conn, %User{type: "admin"}, :admin_routes),
        do: conn

      def handle_authorization(conn, _, _),
        do: conn |> put_status(403) |> text("unauthorized") |> halt()
    end

EnsureAuthorized is now a plug which can be used in the router:

    pipeline :ensure_admin_routes_authorized do
      plug MyAppWeb.Plugs.EnsureAuthorized,
        resource: :admin_routes
    end

    scope "/admin", MyAppWeb, as: :admin do
      pipe_through [:browser, :ensure_admin_routes_authorized]
      # code
    end

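The callbacks are ordinary public functions, so their allow and deny behaviour can be checked directly in a unit test. The following ExUnit module is an added example, not part of the AuthN/AuthZ project; it assumes MyApp.Accounts.User is a struct with a :type field as in the example above, and the "member" type and :reports_routes atom are constructed values used only for the test.

```elixir
# Added example: ExUnit checks for the EnsureAuthorized plug defined above.
# Assumption: %MyApp.Accounts.User{} can be built with only :type set.
# "member" and :reports_routes are constructed test values, not library names.
defmodule MyAppWeb.Plugs.EnsureAuthorizedTest do
  use ExUnit.Case, async: true
  import Plug.Test, only: [conn: 2]

  alias MyApp.Accounts.User
  alias MyAppWeb.Plugs.EnsureAuthorized

  test "admin passes through untouched on :admin_routes" do
    result =
      conn(:get, "/admin")
      |> EnsureAuthorized.handle_authorization(%User{type: "admin"}, :admin_routes)

    # The connection must not be halted and no response may have been set.
    refute result.halted
    assert result.status == nil
  end

  test "non-admin user gets 403 and the pipeline is halted" do
    result =
      conn(:get, "/admin")
      |> EnsureAuthorized.handle_authorization(%User{type: "member"}, :admin_routes)

    assert result.halted
    assert result.status == 403
    assert result.resp_body == "unauthorized"
  end

  test "admin is still denied on a resource that has no allow clause" do
    # The catch-all clause makes the plug fail closed for unknown resources.
    result =
      conn(:get, "/reports")
      |> EnsureAuthorized.handle_authorization(%User{type: "admin"}, :reports_routes)

    assert result.halted
    assert result.status == 403
  end

  test "missing login yields 401 and halts" do
    result =
      conn(:get, "/admin")
      |> EnsureAuthorized.handle_authentication_error(:admin_routes)

    assert result.halted
    assert result.status == 401
  end
end
```

The halted assertions matter as much as the status codes: a deny clause that sets a status but omits halt() would let the request continue to the controller.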
Callbacks

handle_authentication_error(arg1, atom)

    handle_authentication_error(Plug.Conn.t(), atom()) :: Plug.Conn.t()

handle_authorization(arg1, term, atom)

    handle_authorization(Plug.Conn.t(), term(), atom()) :: Plug.Conn.t()