RestAuth v0.9.6 RestAuth.DummyHandler

Sample handler module showing the intended flow and a sample set of internal helpers. It will throw warnings if used in an actual app; it is intended as inspiration for your own handler module.

Summary

Functions

Checks whether a given authority can access an item in the system. Typically looks in the caching layer first, then in the database if the item is not found there.

Invalidates a token.

Invalidates a user. This effectively logs out all active sessions across the application.

Invalidates all ACL entries for the user identified by the user_id in the RestAuth.Authority struct. Typically used to clear the ACL for a user after the user has been granted access to something.

Similar to load_user_data/2 but simply uses the underlying user from the database to return the Authority.

This function is used by RestAuth.Controller and loads a user from the database.

Functions

can_access_item?(authority, category, target_id)

Checks whether a given authority can access an item in the system. Typically looks in the caching layer first, then in the database if the item is not found there.

If using the caching layer, remember to write the result through to the cache service after loading from the database to decide whether access is granted.

Remember to use invalidate_user_acl/2 to update the ACL cache when granting or denying access to things.

Callback implementation for RestAuth.HandlerBehaviour.can_access_item?/3.

invalidate_token(authority)

Invalidates a token.

Typically this invalidates the token in the cache service and deletes it from the database.

Callback implementation for RestAuth.HandlerBehaviour.invalidate_token/1.

invalidate_user(authority)

Invalidates a user. This effectively logs out all active sessions across the application.

Typically this invalidates all the tokens in the cache service and deletes them from the database.

Callback implementation for RestAuth.HandlerBehaviour.invalidate_user/1.

invalidate_user_acl(authority)

Invalidates all ACL entries for the user identified by the user_id in the RestAuth.Authority struct. Typically used to clear the ACL for a user after the user has been granted access to something.

Can be regarded as a companion function

Callback implementation for RestAuth.HandlerBehaviour.invalidate_user_acl/1.
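A sketch of the cache-first lookup and ACL invalidation described for can_access_item?/3 and invalidate_user_acl/1, added here as an example; it is not RestAuth's or DummyHandler's own code. The module name, the ETS tables standing in for the cache service and the database, and grant/3 and revoke/3 are assumptions made for the illustration.

```elixir
defmodule AclCacheSketch do
  # Added illustration, not RestAuth code. Both ETS tables are constructed
  # for the example: @db stands in for the database, @cache for the cache.
  @cache :acl_cache_sketch
  @db :acl_db_sketch

  def start do
    for t <- [@cache, @db], do: :ets.new(t, [:named_table, :public, :set])
    :ok
  end

  # Same argument order as can_access_item?/3: authority, category, target_id.
  def can_access_item?(%{user_id: user_id}, category, target_id) do
    key = {user_id, category, target_id}

    case :ets.lookup(@cache, key) do
      [{^key, allowed?}] ->
        allowed?

      [] ->
        # Cache miss: the database decides, and the decision (grant or
        # denial) is written to the cache for the next check.
        allowed? = :ets.member(@db, key)
        :ets.insert(@cache, {key, allowed?})
        allowed?
    end
  end

  # Fail closed for anything that does not carry a user_id.
  def can_access_item?(_authority, _category, _target_id), do: false

  # Drops every cached decision for the user.
  def invalidate_user_acl(%{user_id: user_id}) do
    :ets.match_delete(@cache, {{user_id, :_, :_}, :_})
    :ok
  end

  # Grant and revoke change the database first, then clear the cached
  # decisions so the next check re-reads the database.
  def grant(%{user_id: user_id} = authority, category, target_id) do
    :ets.insert(@db, {{user_id, category, target_id}})
    invalidate_user_acl(authority)
  end

  def revoke(%{user_id: user_id} = authority, category, target_id) do
    :ets.delete(@db, {user_id, category, target_id})
    invalidate_user_acl(authority)
  end
end
```

After `AclCacheSketch.start()`, with `a = %{user_id: 1}`, `can_access_item?(a, "invoice", 42)` returns false before `grant(a, "invoice", 42)` and true after it. Without the invalidation inside `grant/3`, the cached denial would keep being returned, and without it inside `revoke/3` a cached grant would.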

Similar to load_user_data/2 but simply uses the underlying user from the database to return the Authority.

This function is often used for convenience if a user changes their username, name or other data that requires the system to issue a new authority for an already known user.

Callback implementation for RestAuth.HandlerBehaviour.load_user_data/1.

load_user_data(username, raw_password)

This function is used by RestAuth.Controller and loads a user from the database.

Must return a RestAuth.Authority struct.

Beware that while metadata can be anything, it must be serializable by the Poison JSON encoder. This can be solved by using standard types like List, Map etc. or by implementing the Poison protocol.

Note that all the data returned here will be embedded in the token, so try to keep it as small as possible.

The :error reason should be a string explaining why the user was not returned. Some examples:

  • “Wrong username and/or password.”
  • “Account is locked”
  • “Account has not been activated yet”
  • “Error connecting to database.”

The supplied controller for RestAuth responds with JSON in one of these two structures:

{
  "data": {
    "token": "g3QAAAACZAAEZGF0YW....udlCH1tpI8oPfIE+BsMcrXj2A=",
    "user_id": 1,
    "roles": ["user", "admin"],
    "metadata": {"name": "John Doe"}
  }
}

{
  "error": <your string here>
}

Callback implementation for RestAuth.HandlerBehaviour.load_user_data/2.

load_user_data_from_token(token)

Decodes a token