defmodule PotionIngredients.Plugs.AppToken do alias Plug.Conn def get_user(conn, opts) do secret = opts.secret signer = Joken.Signer.create("HS256", secret) headers = conn.req_headers {"app_token", app_token} = Enum.find(headers, fn {key, _header} -> key == "app_token" end) app_token |> case do nil -> Conn.resp(conn, :forbidden, Poison.encode!(%{msg: "invalid.token", code: 009})) |> Conn.put_resp_content_type("application/json") |> Conn.halt() token -> get_user_from_token(token, signer) end |> case do nil -> Conn.resp(conn, :forbidden, Poison.encode!(%{msg: "invalid.token", code: 009})) |> Conn.put_resp_content_type("application/json") |> Conn.halt() app_token -> Conn.put_req_header(conn, "app_token", Poison.encode!(app_token)) end end defp get_user_from_token(token, signer) do PotionIngredients.Utils.Token.verify_and_validate(token, signer) |> case do {:ok, decoded} -> decoded _ -> nil end end end