Disconnects existing sockets for the given tokens.

Authenticates the user by looking into the session and remember me token.

Will reissue the session token if it is older than the configured age.

Logs the user in.

Redirects to the session's :user_return_to path or falls back to the signed_in_path/1.

Logs the user out.

It clears all session data for safety. See renew_session.

Handles mounting and authenticating the current_scope in LiveViews.

on_mount arguments

• :mount_current_scope - Assigns current_scope to socket assigns based on user_token, or nil if there's no user_token or no matching user.

• :require_authenticated - Authenticates the user from the session, and assigns the current_scope to socket assigns based on user_token. Redirects to login page if there's no logged user.

Examples

Use the on_mount lifecycle macro in LiveViews to mount or authenticate the current_scope:

defmodule GameServerWeb.PageLive do
  use GameServerWeb, :live_view

  on_mount {GameServerWeb.UserAuth, :mount_current_scope}
  ...
end

Or use the live_session of your router to invoke the on_mount callback:

live_session :authenticated, on_mount: [{GameServerWeb.UserAuth, :require_authenticated}] do
  live "/profile", ProfileLive, :index
end

Plug for routes that require the user to be an admin.

Plug for routes that require the user to be authenticated.

Returns the path to redirect to after log in.