BtrzAuth

Build status badge

Elixir package for authentication handling using Plug and Guardian (JWT). It supports X-API-KEY token and Authorization tokens, for external users or internal API communication.

Documentation

API documentation at HexDocs https://hexdocs.pm/btrz_ex_auth_api

Installation

If available in Hex, the package can be installed by adding btrz_auth to your list of dependencies in mix.exs:

def deps do
  [{:btrz_ex_auth_api, "~> 0.7.0"}]
end

Add your configuration

config :btrz_ex_auth_api, :token,
    issuer: "your-issuer",
    main_secret: "YOUR_MAIN_KEY",
    secondary_secret: "YOUR_SECONDARY_KEY"

Plugs

You can use the Guardian Plugs and the ones added by BtrzAuth:

BtrzAuth.Plug.VerifyApiKey

Looks for the header or querystring x-api-key and verify the account, saving it into conn.private[:application].

BtrzAuth.Plug.VerifyToken

It depends on BtrzAuth.Plug.VerifyApiKey, looks for a token in the Authorization header and verify it using first the account’s private key loading the user id in the conn.private[:user_id], if not valid, then main and secondary secrets provided by your app for internal token cases. #### [BtrzAuth.Plug.VerifyPremium](BtrzAuth.Plug.VerifyPremium.html) Looks for and validates that the passedkeysfeatures are present in the saved claims underconn.privateusingBtrzAuth.Guardian.Plug.current_claims(conn). ## Pipelines ### BtrzAuth.Pipeline.ApiKeySecured This pipeline will check thex-api-keyheader or querystring is sent and load the implemented resource inconn.private[:application]. * plug BtrzAuth.Plug.VerifyApiKey ### BtrzAuth.Pipeline.TokenSecured This pipeline will check thex-api-keyheader loading the application data inconn.private[:application]and also the token with the private key or the configured main and secondary secret keys in case the token could be an internal one, then ensure authenticated and load the implemented resource id in theconn.private[:user_id]. * plug BtrzAuth.Plug.VerifyApiKey * plug BtrzAuth.Plug.VerifyToken * plug Guardian.Plug.EnsureAuthenticated You can add pipelines in your Phoenix Router to get different authentication working. ```elixir pipeline :token_secured do plug BtrzAuth.Pipelines.TokenSecured end scope "/" do pipe_through :token_secured # your routes here... end ``` ## Integration tests in your API Add the test_resource in order to test your endpoints once the plugs or pipelines are defined: ```elixir config :btrz_ex_auth_api, :token, issuer: "your-issuer", main_secret: "YOUR_MAIN_KEY", secondary_secret: "YOUR_SECONDARY_KEY" test_resource: %{account_id: "DESIRED_ID"} ``` and use”test-token”as your test token in theAuthorization` header. Documentation can be generated with ExDoc and published on HexDocs. Once published, the docs can be found at https://hexdocs.pm/btrz_auth.