Guardian.Plug.VerifyAuthorization
Use this plug to verify a token contained in the header.
You should set the value of the Authorization header to:
Authorization: <jwt>Example
plug Guardian.Plug.VerifyAuthorizationIf using CSRF you should also encode the CSRF token either
- Into the X-CSRF-TOKEN header
- Into the _csrf_token param
- Use the session plug to load it from there
Example
plug Guardian.Plug.VerifyAuthorization, key: :secretVerifying the session will update the claims on the request, available with Guardian.Plug.claims/1
In the case of an error, the claims will be set to { :error, reason }
Summary↑
| call(conn, opts) |
| init(opts) |