BtrzAuth v0.9.0 BtrzAuth.Plug.VerifyToken

It depends on BtrzAuth.Plug.VerifyApiKey. It looks for a token in the Authorization header and verifies it, first with the account's private key and, if that is not valid, with the main and secondary secrets provided by your app for internal token cases.

In the case where:

  a. The session is not loaded
  b. A token is already found for :key

This plug will not do anything.

This, like all other Guardian plugs, requires a Guardian pipeline to be set up. It requires an error handler.

These can be set either:

  1. Upstream on the connection with plug Guardian.Pipeline
  2. Upstream on the connection with Guardian.Pipeline.{put_module, put_error_handler, put_key}
  3. Inline with an option of :module, :error_handler, :key

If a token is found but is invalid, the error handler will be called with auth_error(conn, {:invalid_token, reason}, opts).

Once a token has been found it will be decoded, and the token and claims will be put onto the connection.

They will be available using Guardian.Plug.current_claims/2 and Guardian.Plug.current_token/2.

Options:

  • claims - The literal claims to check to ensure that a token is valid
  • realm - The prefix for the token in the Authorization header. Defaults to Bearer. :none will not use a prefix.
  • key - The location to store the information in the connection. Defaults to: default

Example

# set up the upstream pipeline
plug BtrzAuth.Plug.VerifyHeaderInternal, claims: %{typ: "access"}

This will check the Authorization header for a token:

Authorization: Bearer <token>

This token will be placed into the connection depending on the key and can be accessed with Guardian.Plug.current_token and Guardian.Plug.current_claims

OR

MyApp.ImplementationModule.current_token and MyApp.ImplementationModule.current_claims
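
A pipeline module wiring this plug to an error handler, as an added example that is not taken from the BtrzAuth documentation or source. The MyApp.* names are hypothetical, BtrzAuth.Plug.VerifyApiKey is assumed to need no options here, and a request with no token is assumed to pass through without the error handler being called, so the last plug rejects requests that carry no claims.

```elixir
defmodule MyApp.AuthErrorHandler do
  # Hypothetical module name; the callback is Guardian's error-handler contract.
  @behaviour Guardian.Plug.ErrorHandler

  import Plug.Conn
  require Logger

  @impl Guardian.Plug.ErrorHandler
  def auth_error(conn, {type, reason}, _opts) do
    # Keep the detailed failure reason in server logs only; the client
    # gets the same generic 401 whatever made verification fail.
    Logger.warning("auth failure type=#{inspect(type)} reason=#{inspect(reason)}")

    conn
    |> put_resp_content_type("application/json")
    |> send_resp(401, ~s({"error":"unauthorized"}))
    |> halt()
  end
end

defmodule MyApp.TokenSecured do
  # Hypothetical pipeline module built with Plug.Builder.
  use Plug.Builder

  # VerifyToken depends on VerifyApiKey, so it runs first.
  # Assumption: no options are required for it in this setup.
  plug BtrzAuth.Plug.VerifyApiKey

  # Option 3 from the list above: error handler and claims given inline.
  plug BtrzAuth.Plug.VerifyToken,
    error_handler: MyApp.AuthErrorHandler,
    claims: %{typ: "access"}

  # Assumption: a request without a token reaches this point untouched,
  # so authentication is enforced here by requiring verified claims.
  plug :require_claims

  def require_claims(conn, _opts) do
    case Guardian.Plug.current_claims(conn) do
      nil -> MyApp.AuthErrorHandler.auth_error(conn, {:unauthenticated, :no_claims}, [])
      _claims -> conn
    end
  end
end
```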
