artsy_auth_ex v0.1.0 Artsy.Auth.Token

Plug for enforcing authentication using Artsy's OAuth.

You can configure this plug by defining which roles are allowed to pass it:

    config :artsy_auth_ex, allowed_roles: []

This plug checks whether the current session contains an access token and verifies that the user has a proper role based on the allowed roles. If the user is not allowed, it returns 403 and halts the connection. If the user is not logged in, it redirects to "/auth", which in turn redirects to the proper login page.
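The decision flow described above, as an added sketch that is not artsy_auth_ex source code; it keeps the logic in a pure function so it runs with plain `elixir` and no dependencies. Assumptions not stated on this page: the module name, a "roles" claim holding a comma-separated string, treating a token that fails verification as "not logged in", and an empty allowed_roles list denying everyone. In a real plug the verifier argument would be Artsy.Auth.Token.verify_and_validate/1.

```elixir
# Added sketch, not artsy_auth_ex source. Assumptions: module name, a "roles"
# claim holding a comma-separated string, and fail-closed handling of bad input.
defmodule RoleGateSketch do
  @type decision :: :pass | {:redirect, String.t()} | {:halt, 403}
  @type verifier :: (String.t() -> {:ok, map()} | {:error, term()})

  @spec decide(term(), [String.t()], verifier()) :: decision()
  def decide(token, allowed_roles, verify) when is_binary(token) and token != "" do
    case verify.(token) do
      {:ok, claims} ->
        if permitted?(claims, allowed_roles), do: :pass, else: {:halt, 403}

      # Bad signature or failed validation: never read claims from such a token.
      {:error, _reason} ->
        {:redirect, "/auth"}
    end
  end

  # No token in the session: the user is not logged in.
  def decide(_missing, _allowed_roles, _verify), do: {:redirect, "/auth"}

  # An empty allowed_roles list or a missing/odd "roles" claim denies access.
  defp permitted?(%{"roles" => roles}, allowed_roles) when is_binary(roles) do
    roles
    |> String.split(",", trim: true)
    |> Enum.map(&String.trim/1)
    |> Enum.any?(&(&1 in allowed_roles))
  end

  defp permitted?(_claims, _allowed_roles), do: false
end

# Constructed stand-in for Artsy.Auth.Token.verify_and_validate/1.
verify = fn
  "admin-token" -> {:ok, %{"roles" => "user,admin"}}
  "user-token" -> {:ok, %{"roles" => "user"}}
  _other -> {:error, :signature_error}
end

allowed = ["admin"]
{:redirect, "/auth"} = RoleGateSketch.decide(nil, allowed, verify)
{:redirect, "/auth"} = RoleGateSketch.decide("tampered", allowed, verify)
{:halt, 403} = RoleGateSketch.decide("user-token", allowed, verify)
:pass = RoleGateSketch.decide("admin-token", allowed, verify)
{:halt, 403} = RoleGateSketch.decide("admin-token", [], verify)
```

The pattern matches at the bottom act as assertions: the script raises a MatchError if any branch returns something else.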

Functions

generate_and_sign(extra_claims \\ %{}, key \\ __default_signer__())
generate_and_sign(Joken.claims(), Joken.signer_arg()) ::
  {:ok, Joken.bearer_token(), Joken.claims()} | {:error, Joken.error_reason()}

Combines generate_claims/1 and encode_and_sign/2.

generate_and_sign!(extra_claims \\ %{}, key \\ __default_signer__())
generate_and_sign!(Joken.claims(), Joken.signer_arg()) ::
  Joken.bearer_token() | no_return()

Same as generate_and_sign/2, but raises on error.

verify_and_validate(bearer_token, key \\ __default_signer__(), context \\ %{})
verify_and_validate(Joken.bearer_token(), Joken.signer_arg(), term()) ::
  {:ok, Joken.claims()} | {:error, Joken.error_reason()}

Combines verify/2 and validate/1.

verify_and_validate!(bearer_token, key \\ __default_signer__(), context \\ %{})
verify_and_validate!(Joken.bearer_token(), Joken.signer_arg(), term()) ::
  Joken.claims() | no_return()

Same as verify_and_validate/2, but raises on error.