Guardian

A module that provides JWT based authentication for Elixir applications.

Guardian provides the framework for using JWT any elixir application, web based or otherwise, Where authentication is required.

The base unit of authentication currency is implemented using JWTs.

Configuration

config :guardian, Guardian,
  issuer: "MyApp",
  ttl: { 30, :days },
  serializer: MyApp.GuardianSerializer,
  secret_key: "lksjdlkjsdflkjsdf"

Guardian uses Joken, so you will also need to configure that.

Summary

issuer()

The configured issuer. If not configured, defaults to the node that issued

mint(object)

Mint a JWT from a resource. The resource will be run through the configured serializer to obtain a value suitable for storage inside a JWT

mint(object, audience)

Like mint/1 but also accepts the audience (encoded to the aud key) for the JWT

mint(object, audience, claims)

Like mint/2 but also encode anything found inside the claims map into the JWT

serializer()

Fetch the configured serializer module

verify!(jwt)

If successfully verified, returns the claims encoded into the JWT. Raises otherwise

verify!(jwt, params)

If successfully verified, returns the claims encoded into the JWT. Raises otherwise

verify(jwt)

Verify the given JWT. This will verify via verify/2

verify(jwt, params)

Verify the given JWT

Functions

issuer()

Specs:

The configured issuer. If not configured, defaults to the node that issued.

mint(object)

Specs:

Mint a JWT from a resource. The resource will be run through the configured serializer to obtain a value suitable for storage inside a JWT.

mint(object, audience)

Specs:

Like mint/1 but also accepts the audience (encoded to the aud key) for the JWT

The aud can be anything but suggested is “token”.

mint(object, audience, claims)

Specs:

Like mint/2 but also encode anything found inside the claims map into the JWT.

To encode permissions into the token, use the :perms key and pass it a map with the relevant permissions (must be configured)

Example

Guardian.mint(user, :token, perms: %{ default: [:read, :write] })
serializer()

Specs:

Fetch the configured serializer module

verify(jwt)

Specs:

Verify the given JWT. This will verify via verify/2

verify(jwt, params)

Specs:

Verify the given JWT.

verify!(jwt)

Specs:

If successfully verified, returns the claims encoded into the JWT. Raises otherwise

verify!(jwt, params)

Specs:

If successfully verified, returns the claims encoded into the JWT. Raises otherwise