Assert that the current connection is authenticated as a given account

Will run the following assertions:

1. assert that :account_id value in the session is not nil and is equal to the account’s primary key value
2. assert that :account_type value in the sesion is not nil and is equal to the account’s struct

The original conn will be returned.

Authenticate the session with the given credentials

This function assumes that the session creation path is session_path and is using post.

Feel free to override this function.

Authorizes a connection with an account

Equivalent to running:

Plug.Conn.assign(conn, :account, account)

This function differs from authentication_as/2 as that will run the actual authentication whereas this function simply assigns to the conn. The database is not hit, no encryption checks are run.

Refute account is authorized

Will refute that an account is currently authorized.

You can also pass :anyone as the account and this will refute that anyone is authorized, not just a specific account.

Macro that generates a test for asserting that RESTful actions require authorization

The assertion being run will expect that unauthorized route access will return a 401

Options:

• :roles takes an keyword list of role names. Keyword values can be a function reference that to manipulate the conn object
• :only only the actions in the keyword list given. Keyword values can be a map for passing custom params to the action
• :except all actions (index, show, create, update, destroy) except those in the keyword list. Keyword value behave similiar to only

Examples

require_authorization :profile_path
require_authorization :profile_path, roles: [:no_auth, auth: &auth_conn/1]

defp auth_conn(conn) do
  authenticate(conn, username: "user@example.com", password: "password")
end

require_authorization :profile_path, only: [create: %{foo: "bar"}]

Each call to require_authorization only generates a single test, not multiple tests. This saves on compilation time.