guardian v0.1.0 → Overview → Guardian

Guardian

Summary
Functions

A module that provides JWT based authentication for Elixir applications.

Guardian provides the framework for using JWT any elixir application, web based or otherwise, Where authentication is required.

The base unit of authentication currency is implemented using JWTs.

Configuration

config :guardian, Guardian,
  issuer: "MyApp",
  ttl: { 30, :days },
  secret_key: "lksdjowiurowieurlkjsdlwwer",
  serializer: MyApp.GuardianSerializer

Guardian uses Joken, so you will also need to configure that.

Summary↑

issuer()	The configured issuer. If not configured, defaults to the node that issued
mint(object)	Mint a JWT from a resource. The resource will be run through the configured serializer to obtain a value suitable for storage inside a JWT
mint(object, audience)	Like mint/1 but also accepts the audience (encoded to the aud key) for the JWT
mint(object, audience, claims)	Like mint/2 but also encode anything found inside the claims map into the JWT
serializer()	Fetch the configured serializer module
verify!(jwt)	If successfully verified, returns the claims encoded into the JWT. Raises otherwise
verify!(jwt, params)	If successfully verified, returns the claims encoded into the JWT. Raises otherwise
verify(jwt)	Verify the given JWT. This will verify via verify/2
verify(jwt, params)	Verify the given JWT

Functions

issuer()

(function) # ↑

Specs:

issuer :: String.t

The configured issuer. If not configured, defaults to the node that issued.

mint(object)

(function) # ↑

Specs:

mint(any) :: {:ok, String.t, Map} | {:error, atom} | {:error, String.t}

Mint a JWT from a resource. The resource will be run through the configured serializer to obtain a value suitable for storage inside a JWT.

mint(object, audience)

(function) # ↑

Specs:

mint(any, atom | String.t) :: {:ok, String.t, Map} | {:error, atom} | {:error, String.t}

Like mint/1 but also accepts the audience (encoded to the aud key) for the JWT

The aud can be anything but suggested is “token”.

The “csrf” audience is special in that it will encode the CSRF token into the JWT. Thereafter whenver verifying the JWT, the CSRF token must be given, and must match.

mint(object, audience, claims)

(function) # ↑

Specs:

mint(any, atom | String.t, Map) :: {:ok, String.t, Map} | {:error, atom} | {:error, String.t}

Like mint/2 but also encode anything found inside the claims map into the JWT.

serializer()

(function) # ↑

Specs:

serializer :: Module.t

Fetch the configured serializer module

verify(jwt)

(function) # ↑

Specs:

verify(String.t) :: {:ok, Map} | {:error, atom} | {:error, String.t}

Verify the given JWT. This will verify via verify/2

verify(jwt, params)

(function) # ↑

Specs:

verify(String.t, Map) :: {:ok, Map} | {:error, atom | String.t}

Verify the given JWT.

If the CSRF token type is used, you must pass at least %{ csrf: <token } as the params

verify!(jwt)

(function) # ↑

Specs:

verify!(String.t) :: Map

If successfully verified, returns the claims encoded into the JWT. Raises otherwise

verify!(jwt, params)

(function) # ↑

Specs:

verify!(String.t, Map) :: Map

If successfully verified, returns the claims encoded into the JWT. Raises otherwise

If the token type is “csrf” the params must contain %{ csrf: csrf_token }