Guardian v0.14.5 Guardian.Plug
Guardian.Plug contains functions that assist with interacting with Guardian via Plugs.
Guardian.Plug is not itself a plug.
Example
Guardian.Plug.sign_in(conn, user)
Guardian.Plug.sign_in(conn, user, :access)
# stores this JWT in a different location (keyed by :secret)
Guardian.Plug.sign_in(
conn,
user,
:access,
%{ claims: "i", make: true, key: :secret }
)
Example
Guardian.Plug.sign_out(conn) # sign out all sessions
Guardian.Plug.sign_out(conn, :secret) # sign out only the :secret session
To sign in to an api action (i.e. not store the jwt in the session, just on the conn)
Example
Guardian.Plug.api_sign_in(conn, user)
Guardian.Plug.api_sign_in(conn, user, :access)
# Store the JWT on the conn
Guardian.Plug.api_sign_in(
conn,
user,
:access,
%{
claims: "i",
make: true,
key: :secret
}
)
Then use the Guardian.Plug helpers to look up current_token, claims and current_resource.
Example
Guardian.Plug.current_token(conn)
Guardian.Plug.claims(conn)
Guardian.Plug.current_resource(conn)
Summary
Functions
Sign in a resource for API requests
Sign in a resource for API requests
Same as api_sign_in/3 but also encodes all claims into the JWT
A simple check to see if a request is authenticated
A simple check to see if a request is authenticated
Fetch the currently verified claims from the current request
Fetch the currently authenticated resource if loaded, optionally located at a location (key)
Fetch the currently verified token from the request. Optionally located at a location (key)
Sign in a resource (that your configured serializer knows about) into the current web session
Sign in a resource (that your configured serializer knows about) into the current web session
Same as sign_in/3 but also encodes all claims into the JWT
Sign out of a session
Functions
Sign in a resource for API requests.
This function does not store the resource in the session. Instead the
resource is stored in the Plug.Conn
and is designed to be accessed with
Guardian.Plug.current_resource/2
.
Sign in a resource for API requests.
This function does not store the resource in the session. Instead the
resource is stored in the Plug.Conn
and is designed to be accessed with
Guardian.Plug.current_resource/2
.
By specifying the ‘type’ of the token, you’re setting the typ field in the JWT.
api_sign_in(Plug.Conn.t, any, atom | String.t, map) :: Plug.Conn.t
Same as api_sign_in/3 but also encodes all claims into the JWT.
The :key
key in the claims map is special.
In that it sets the location of the storage.
The :perms key will provide the ability to encode permissions into the token. The value at :perms should be a map
Example
Guardian.Plug.api_sign_in(
conn,
user,
:token,
perms: %{default: [:read, :write]}
)
A simple check to see if a request is authenticated
A simple check to see if a request is authenticated
claims(Plug.Conn.t, atom) :: {:ok, map} | {:error, atom | String.t}
Fetch the currently verified claims from the current request
Fetch the currently authenticated resource if loaded, optionally located at a location (key)
Fetch the currently verified token from the request. Optionally located at a location (key)
Sign in a resource (that your configured serializer knows about) into the current web session.
Sign in a resource (that your configured serializer knows about) into the current web session.
By specifying the ‘type’ of the token, you’re setting the typ field in the JWT.
sign_in(Plug.Conn.t, any, atom | String.t, map) :: Plug.Conn.t
Same as sign_in/3 but also encodes all claims into the JWT.
The :key
key in the claims map is special in that it
sets the location of the storage.
The :perms key will provide the ability to encode permissions into the token. The value at :perms should be a map
Example
Guardian.sign_in(conn, user, :access, perms: %{default: [:read, :write]})