BtrzAuth v0.9.0 BtrzAuth.Plug.VerifyToken
It depends on BtrzAuth.Plug.VerifyApiKey. It looks for a token in the Authorization header and verifies it, first using the account's private key and, if that is not valid, then the main and secondary secrets provided by your app for internal token cases.
In the case where:
a. The session is not loaded
b. A token is already found for :key
This plug will not do anything.
This, like all other Guardian plugs, requires a Guardian pipeline to be set up. It requires an error handler.
These can be set either:
- Upstream on the connection with plug Guardian.Pipeline
- Upstream on the connection with Guardian.Pipeline.{put_module, put_error_handler, put_key}
- Inline with an option of :module, :error_handler, :key
If a token is found but is invalid, the error handler will be called with auth_error(conn, {:invalid_token, reason}, opts)
Once a token has been found it will be decoded, and the token and claims will be put onto the connection.
They will be available using Guardian.Plug.current_claims/2 and Guardian.Plug.current_token/2
Options:
- claims - The literal claims to check to ensure that a token is valid
- realm - The prefix for the token in the Authorization header. Defaults to Bearer. :none will not use a prefix.
- key - The location to store the information in the connection. Defaults to :default
Example
# setup the upstream pipeline
plug BtrzAuth.Plug.VerifyHeaderInternal, claims: %{typ: "access"}
This will check the Authorization header for a token:
Authorization: Bearer <token>
This token will be placed into the connection depending on the key and can be accessed with Guardian.Plug.current_token and Guardian.Plug.current_claims
OR
MyApp.ImplementationModule.current_token and MyApp.ImplementationModule.current_claims
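The error handler this plug requires, wired inline together with the upstream VerifyApiKey plug, shown as an added example (not code from the BtrzAuth project). MyApp.AuthErrorHandler and MyApp.ApiAuthPipeline are hypothetical names, MyApp.ImplementationModule is assumed to be your Guardian implementation module, and VerifyApiKey is assumed to need no inline options.

```elixir
defmodule MyApp.AuthErrorHandler do
  # Hypothetical module: implements the auth_error/3 contract described above.
  @behaviour Guardian.Plug.ErrorHandler

  import Plug.Conn
  require Logger

  @impl Guardian.Plug.ErrorHandler
  def auth_error(conn, {type, reason}, _opts) do
    # Keep the detailed failure reason in server logs only. Returning it to the
    # client would tell a caller which verification step rejected the token.
    Logger.warning("auth failure type=#{inspect(type)} reason=#{inspect(reason)}")

    conn
    |> put_resp_header("www-authenticate", "Bearer")
    |> put_resp_content_type("application/json")
    |> send_resp(401, ~s({"error":"unauthorized"}))
    |> halt()
  end
end

defmodule MyApp.ApiAuthPipeline do
  # Hypothetical pipeline module built with Plug.Builder.
  use Plug.Builder

  # VerifyToken depends on VerifyApiKey, so the API key plug runs first.
  # Assumption: it takes no inline options here.
  plug BtrzAuth.Plug.VerifyApiKey

  # Inline :module and :error_handler options, as listed above.
  # The claims option rejects tokens whose "typ" claim is not "access".
  plug BtrzAuth.Plug.VerifyToken,
    module: MyApp.ImplementationModule,
    error_handler: MyApp.AuthErrorHandler,
    claims: %{typ: "access"}
end
```

Downstream plugs and controllers can then read the verified values with Guardian.Plug.current_claims/2 and Guardian.Plug.current_token/2.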
Functions
call(Plug.Conn.t(), Keyword.t()) :: Plug.Conn.t()