curator v0.2.3 Curator.Plug.LoadResource View Source

This module is a copy of the Guardian.Plug.LoadRecource module, slightly modified:

In the AuthenticatedPipeline, if the claims are blank an error is raised (so sign-in is required).

In the UnauthenticatedPipeline, allow_unauthenticated should be set to true. This allows a sign-in to be optional.

In both cases, if claims exists, the user must be found or an error will be raised (and the session ended). This differs from the Guardian plug, where ‘allow_blank’ would not produce an error when there are claims but no resource. For example, if a User is deleted, their session could still be active, allowing them to visit the unauthenticated resources. This change means they’ll be signed out immediatly when the resource no longer exists.

Link to this section Summary

Link to this section Functions