BreakGlass.Supervisor (BreakGlassEx v0.1.0)

Copy Markdown View Source

OTP supervisor for the break_glass_ex library.

Add this supervisor to your host application's supervision tree before your endpoint or router to ensure all ETS tables exist before the first authentication request:

children = [
  # ... database repos, etc. ...
  {BreakGlass.Supervisor, []},
  MyAppWeb.Endpoint
]

The supervisor starts RateLimiter, TokenStore, and OtpStore in that order using a :one_for_one strategy. It validates required configuration keys at startup and raises ArgumentError if any are missing, preventing the application from booting in a misconfigured state.

Required Configuration

The following keys must be present under config :break_glass_ex:

  • :email — the break-glass email address (String.t())
  • :password_hash — the bcrypt hash of the break-glass password (String.t())
  • :user_provider — the module implementing BreakGlass.UserProvider (module())

If any required key is absent, an ArgumentError is raised listing all missing keys before any child GenServer is started:

ArgumentError: BreakGlass: missing required configuration keys: [:email, :password_hash].
Add them under `config :break_glass_ex` in your runtime.exs.

Optional Configuration

  • :allowed_ips — list of exact IPs or CIDR ranges allowed to authenticate (default: ["127.0.0.1", "::1"]). If absent, a Logger.warning is emitted at startup.

Summary

Functions

child_spec(init_arg)

Returns a specification to start this module under a supervisor.

start_link(opts \\ [])

Starts the BreakGlass.Supervisor and links it to the calling process.

Functions

child_spec(init_arg)

Returns a specification to start this module under a supervisor.

See Supervisor.

start_link(opts \\ [])

@spec start_link(keyword()) :: Supervisor.on_start()

Starts the BreakGlass.Supervisor and links it to the calling process.

opts are passed through to Supervisor.start_link/3 but are otherwise unused by the supervisor itself.