RestAuth v0.9.0 RestAuth View Source
RestAuth
is a declarative ACL library for Phoenix. It functions by declaring a
controller level plug with a set of roles specified for the given action. It also
provides a framework for doing per-item-ACL with ETS backed caching built in.
To set up and use RestAuth
you need to specify some configuration for sane defaults
and specify a handler module based on the RestAuth.HandlerBehaviour
behaviour.
You also need to set up an authentication controller of sorts that calls
RestAuth.Controller.login/3
and RestAuth.Controller.logout/3
functions
A typical sample usage in a controller looks like so (pulled from Restauth.Restrict
documentation):
@rest_auth_roles [
{:index, ["user"]},
{:create, ["admin"]},
{:update, ["admin"]},
{:show, ["admin"]},
{:delete, ["admin"]}
]
plug RestAuth.Restrict, @rest_auth_roles
The handler module provided by the user takes full responsibility for loading
user data from the database and caching the data using RestAuth.CacheService
etc.
This library aims to be a slightly oppinionated framework for you to build your own
logic on top of. After having implemented the behaviour RestAuth
should rarely get
in the way of anyhting.