Bodyguard v2.3.0 Bodyguard.Plug.Authorize

Perform authorization in a Plug pipeline.

Options

  • policy required - the policy (or context) module
  • action required - the action to authorize, either an atom or a 1-arity function that accepts a conn and returns the action
  • user - a 1-arity function which accepts the connection and returns a user. If omitted, defaults user to nil
  • params - params to pass to the authorization callbacks or a 1-arity function which accepts the connection
  • fallback - a fallback controller or plug to handle authorization failure. If specified, the plug is called and then the pipeline is halted. If not specified, then Bodyguard.NotAuthorizedError raises directly to the router.

Examples

# Raise on failure
plug Bodyguard.Plug.Authorize, policy: MyApp.Blog, action: :update_posts,
  user: &get_current_user/1

# Fallback on failure
plug Bodyguard.Plug.Authorize, policy: MyApp.Blog, action: :update_posts,
  user: &get_current_user/1, fallback: MyApp.FallbackController

# Params as a function
plug Bodyguard.Plug.Authorize, policy: MyApp.Blog, action: :update_posts,
  params: &get_params/1

Link to this section Summary

Functions

Callback implementation for Plug.call/2

Callback implementation for Plug.init/1

Link to this section Functions

Link to this function call(conn, arg)

Callback implementation for Plug.call/2.

Link to this function init(opts \\ [])

Callback implementation for Plug.init/1.