Guardian v1.1.0 Guardian.Plug.VerifySession View Source

Looks for and validates a token found in the session.

In the case where:

a. The session is not loaded b. A token is already found for :key

This plug will not do anything.

This, like all other Guardian plugs, requires a Guardian pipeline to be setup. It requires an implementation module, an error handler and a key.

These can be set either:

  1. Upstream on the connection with plug Guardian.Pipeline
  2. Upstream on the connection with Guardian.Pipeline.{put_module, put_error_handler, put_key}
  3. Inline with an option of :module, :error_handler, :key

If a token is found but is invalid, the error handler will be called with auth_error(conn, {:invalid_token, reason}, opts)

Once a token has been found it will be decoded, the token and claims will be put onto the connection.

They will be available using Guardian.Plug.current_claims/2 and Guardian.Plug.current_token/2

Link to this section Summary

Link to this section Functions