curator v0.2.4 Curator.Plug.LoadResource View Source
This module is a copy of the Guardian.Plug.LoadRecource module, slightly modified:
In the AuthenticatedPipeline, if the claims are blank an error is raised (so sign-in is required).
In the UnauthenticatedPipeline, allow_unauthenticated should be set to true. This allows a sign-in to be optional.
In both cases, if claims exists, the user must be found or an error will be raised (and the session ended). This differs from the Guardian plug, where ‘allow_blank’ would not produce an error when there are claims but no resource. For example, if a User is deleted, their session could still be active, allowing them to visit the unauthenticated resources. This change means they’ll be signed out immediatly when the resource no longer exists.