Openmaize.Authorize.IdCheck
Plug to perform the basic authorization check and then a further check based on the user id.
For this plug to work, you need to have the start of the path and the start of the path + “/:id” in the protected map in the config. For example, the following entry protects “/users” and checks ids under “/users”:
config: openmaize,
protected: %{"/users" => ["user"], "/users/:id" => ["user"]}
There are two options:
redirects
- if true, which is the default, redirect if authorized or if there is an error
show
- if true, the user is allowed to see pages that are not his / her id, but cannot edit them
- if false, which is the default, the user cannot view these pages
Examples
Call IdCheck without any options:
plug Openmaize.Authorize.IdCheck
Call IdCheck without redirects:
plug Openmaize.Authorize.IdCheck, redirects: false
Call IdCheck and allow users to view the pages of other ids:
plug Openmaize.Authorize.IdCheck, show: true
Summary↑
call(conn, opts) | Verify that the user, based on id, is authorized to access the page / resource |
init(opts) | Callback implementation for |
Functions
Verify that the user, based on id, is authorized to access the page / resource.
Callback implementation for c:Plug.init/1
.