Guardian.Plug.VerifyAuthorization

Use this plug to verify a token contained in the header.

You should set the value of the Authorization header to:

Authorization: <jwt>

Example

plug Guardian.Plug.VerifyAuthorization

Example

plug Guardian.Plug.VerifyAuthorization, key: :secret

Verifying the session will update the claims on the request, available with Guardian.Plug.claims/1

In the case of an error, the claims will be set to { :error, reason }

A “realm” can be specified when using the plug. Realms are like the name of the token and allow many tokens to be sent with a single request.

plug Guardian.Plug.VerifyAuthorization, realm: "Bearer"

When a realm is not specified, the first authorization header found is used, and assumed to be a raw token

example

plug Guardian.Plug.VerifyAuthorization

# will take the first auth header
# Authorization: <jwt>

Summary

call(conn, opts)
init(opts \\ %{})

Functions

call(conn, opts)
init(opts \\ %{})