shield v0.1.1 Shield.Plug

Shield plug implementation to check authentications and to set resouce owner.

Summary

Functions

Plug function to refute authencated users to access resources

Authenticate user by using configured authorization methods

Plug function to authenticate client for resouce owner and assigns resource owner into conn.assigns[:current_user] key. If it fails, then it halts connection and returns unauthorized(HTTP Status Code 401) header with error json

Functions

already_logged_in?(conn, )

Plug function to refute authencated users to access resources.

Examples

defmodule SomeModule.AppController do
  use SomeModule.Web, :controller
  use Shield.Authorization

  plug :already_logged_in? when action in [:register]

  def register(conn, _params) do
    # only not logged in user can access this action
  end
end
authenticate(conn)

Authenticate user by using configured authorization methods.

Examples

current_user = Shield.Plug.authenticate(conn)
if is_nil(current_user) do
  IO.puts "not authencated!"
else
  IO.puts current_user.email
end
authenticate!(conn, )

Plug function to authenticate client for resouce owner and assigns resource owner into conn.assigns[:current_user] key. If it fails, then it halts connection and returns unauthorized(HTTP Status Code 401) header with error json.

Examples

defmodule SomeModule.AppController do
  use SomeModule.Web, :controller
  use Shield.Authorization

  plug :authenticate!

  def index(conn, _params) do
    # access to current user on successful authentication
    current_user = conn.assigns[:current_user]
    ...
  end
end

defmodule SomeModule.AppController do
  use SomeModule.Web, :controller
  use Shield.Authorization

  plug :authenticate! when action in [:create]

  def index(conn, _params) do
    # anybody can call this action
    ...
  end

  def create(conn, _params) do
    # only logged in users can access this action
    current_user = conn.assigns[:current_user]
    ...
  end
end