API Reference Charon v1.3.4



Authentication & sessions for API's.

Config struct. Keys & defaults

Tokens to be communicated to the client.

Plugs to create, update/refresh and delete sessions. When creating or updating a session, new tokens are created as well.

Entrypoint for Charon.SessionStore.Behaviour implementation. All functions delegate to the configured module.

Behaviour definition of a persistent session store. The implementation is expected to handle cleanup of expired entries.

A dummy session store that can be used if fully stateless tokens are desired.

A persistent session store based on Redis, which implements behaviour Charon.SessionStore. In addition to the required callbacks, this store also provides get_all/2 and delete_all/2 (for a user) functions.

Entrypoint for Charon.TokenFactory.Behaviour implementation. All functions delegate to the configured module.

Behaviour for token-signing modules.

The default and most simple form of self-signed tokens, JWTs with symmetric-key signatures. These are suited for everything but OpenID Connect implementations, because these require third parties to verify the token signature, which requires asymetric keys.

The plugs in this module (and its submodules) can be used to verify tokens. The token's presence, signature, expiration and any claims can be checked. Additionally, the token's session can be loaded and, in case of a refresh token, it can be verified that it matches the session.

After verifying everything you would want to verify about a token, assign the following to the conn

Utility functions, mainly getters and setters for module internals.