Guardian.Plug (Guardian v2.2.1) View Source

Provides functions for the implementation module for dealing with Guardian in a Plug environment.

defmodule MyApp.Tokens do
  use Guardian, otp_app: :my_app

  # ... snip
end

Your implementation module will be given a Plug module for interacting with plug.

If you're using Guardian in your application most of the setters will be uninteresting. They're mostly for library authors and Guardian itself.

The usual functions you'd use in your application are:

sign_in(conn, resource, claims \\ %{}, opts \\ [])

Sign in a resource for your application. This will generate a token for your resource according to your TokenModule and subject_for_token callback.

sign_in will also cache the resource, claims, and token on the connection.

conn = MyApp.Guardian.Plug.sign_in(conn, resource, my_custom_claims)

If there is a session present the token will be stored in the session to provide traditional session based authentication.

Link to this section Summary

Link to this section Functions

Link to this function

authenticated?(conn, opts \\ [])

View Source

Specs

authenticated?(Plug.Conn.t(), Guardian.options()) :: true | false
Link to this function

clear_remember_me(conn, mod, opts \\ [])

View Source

Specs

clear_remember_me(Plug.Conn.t(), module(), Guardian.options()) :: Plug.Conn.t()

Puts a response cookie which replaces the previous remember_me cookie and is set to immediately expire on the client.

Note that while this can be used as a cheap way to sign out, a malicious client could still access your server using the old JWT from the old cookie.

In other words, this does not in any way invalidate the token you issued, it just makes a compliant client forget it.

Link to this function

current_claims(conn, opts \\ [])

View Source

Specs

current_claims(Plug.Conn.t(), Guardian.options()) ::
  Guardian.Token.claims() | nil
Link to this function

current_resource(conn, opts \\ [])

View Source

Specs

current_resource(Plug.Conn.t(), Guardian.options()) :: any() | nil
Link to this function

current_token(conn, opts \\ [])

View Source

Specs

current_token(Plug.Conn.t(), Guardian.options()) :: Guardian.Token.token() | nil

Specs

default_key() :: String.t()

Provides the default key for the location of a token in the session and connection.

Link to this function

find_token_from_cookies(conn, opts \\ [])

View Source

Specs

find_token_from_cookies(conn :: Plug.Conn.t(), Keyword.t()) ::
  {:ok, String.t()} | :no_token_found
Link to this function

maybe_halt(conn, opts \\ [])

View Source

Specs

maybe_halt(Plug.Conn.t(), Keyword.t()) :: Plug.Conn.t()
Link to this function

put_current_claims(conn, claims, opts \\ [])

View Source

Specs

put_current_claims(
  Plug.Conn.t(),
  Guardian.Token.claims() | nil,
  Guardian.options()
) :: Plug.Conn.t()
Link to this function

put_current_resource(conn, resource, opts \\ [])

View Source

Specs

put_current_resource(Plug.Conn.t(), resource :: any() | nil, Guardian.options()) ::
  Plug.Conn.t()
Link to this function

put_current_token(conn, token, opts \\ [])

View Source

Specs

put_current_token(
  Plug.Conn.t(),
  Guardian.Token.token() | nil,
  Guardian.options()
) :: Plug.Conn.t()
Link to this function

put_session_token(conn, token, opts \\ [])

View Source

Specs

Link to this function

remember_me(conn, mod, resource, claims \\ %{}, opts \\ [])

View Source

Specs

Sets a token of type refresh directly on a cookie.

The max_age of the cookie till be the expire time of the Token, if available If the token does not have an exp,t the default will be 30 days.

The max age can be overridden by setting the cookie option config.

Link to this function

remember_me_from_token(conn, mod, token, claims_to_check \\ %{}, opts \\ [])

View Source

Specs

Link to this function

sign_in(conn, impl, resource, claims \\ %{}, opts \\ [])

View Source

Specs

Link to this function

sign_out(conn, impl, opts \\ [])

View Source

Specs