Guardian.Phoenix

v2.0.1

Guardian.Phoenix v2.0.1 Guardian.Phoenix.Socket View Source

Provides functions for managing authentication with sockets.

This module mostly provides convenience functions for storing tokens, claims and resources on the socket assigns.

The main functions you'll be interested in are:

  • Guardian.Phoenix.Socket.authenticated? - check if the socket has been authenticated
  • Guardian.Phoenix.Socket.authenticate - Sign in a resource to a socket. Similar to Guardian.Plug.authenticate

Getters

Once you're authenticated with your socket, you can use the getters to fetch information about the authenticated resource for the socket.

  • Guardian.Phoenix.Socket.current_claims
  • Guardian.Phoenix.Socket.current_token
  • Guardian.Phoenix.Socket.current_resource

These are the usual functions you'll want to use when dealing with authentication on sockets.

There is a bit of a difference between the usual Guardian.Plug.sign_in and the socket one. The socket authenticate receives a token and signs in from that. Please note that this is mere sugar on the underlying Guardian functions.

As an example:

defmodule MyApp.UserSocket do
  use Phoenix.Socket

  def connect(%{"token" => token}, socket) do
    case Guardian.Phoenix.Socket.authenticate(socket, MyApp.Guardian, token) do
      {:ok, authed_socket} ->
        {:ok, authed_socket}
      {:error, _} -> :error
    end
  end

  # This function will be called when there was no authentication information
  def connect(_params, socket) do
    :error
  end
end

If you want to authenticate on the join of a channel, you can import this module and use the authenticate function as normal.

Link to this section Summary

Functions

assign_rtc(socket, resource, token, claims, key \\ :default)

Assigns the resource, token and claims to the socket

authenticate(socket, impl, token, claims_to_check \\ %{}, opts \\ [])

Given an implementation module and token, this will

authenticated?(socket, key \\ :default)

Boolean if the token is present or not to indicate an authenticated socket

current_claims(socket, key \\ :default)

Fetches the claims map that was encoded into the token from the socket

current_resource(socket, key \\ :default)

Fetches the resource from that was previously put onto the socket

current_token(socket, key \\ :default)

Fetches the token that was provided for the initial authentication. This is provided as an encoded string and fetched from the socket

put_current_claims(socket, new_claims, key \\ :default)

Put the current claims onto the socket for later use. Get the claims from the socket with current_claims

put_current_resource(socket, resource, key \\ :default)

Put the current resource onto the socket for later use. Get the resource from the socket with current_resource

put_current_token(socket, token, key \\ :default)

Puts the current token onto the socket for later use

Link to this section Functions

Link to this function

assign_rtc(socket, resource, token, claims, key \\ :default) View Source 
assign_rtc(
  socket :: Phoenix.Socket.t(),
  resource :: Guardian.Token.resource() | nil,
  token :: Guardian.Token.token() | nil,
  claims :: Guardian.Token.claims() | nil,
  key :: atom() | String.t() | nil
) :: Phoenix.Socket.t()

Assigns the resource, token and claims to the socket.

Use the key to specify a different location. This allows multiple tokens to be active on a socket at once.

Link to this function

authenticate(socket, impl, token, claims_to_check \\ %{}, opts \\ []) View Source 
authenticate(
  socket :: Phoenix.Socket.t(),
  impl :: module(),
  token :: Guardian.Token.token() | nil,
  claims_to_check :: Guardian.Token.claims(),
  opts :: Guardian.options()
) :: {:ok, Phoenix.Socket.t()} | {:error, atom() | any()}

Given an implementation module and token, this will

  • decode and verify the token
  • load the resource
  • store the resource, claims and token on the socket.

Use the key to store the information in a different location. This allows multiple tokens and resources on a single socket.

Link to this function

authenticated?(socket, key \\ :default) View Source 
authenticated?(Phoenix.Socket.t(), atom() | String.t()) :: true | false

Boolean if the token is present or not to indicate an authenticated socket

Link to this function

current_claims(socket, key \\ :default) View Source 
current_claims(Phoenix.Socket.t(), atom() | String.t()) ::
  Guardian.Token.claims() | nil

Fetches the claims map that was encoded into the token from the socket.

Link to this function

current_resource(socket, key \\ :default) View Source 
current_resource(Phoenix.Socket.t(), atom() | String.t()) ::
  Guardian.Token.resource() | nil

Fetches the resource from that was previously put onto the socket.

Link to this function

current_token(socket, key \\ :default) View Source 
current_token(Phoenix.Socket.t(), atom() | String.t()) ::
  Guardian.Token.token() | nil

Fetches the token that was provided for the initial authentication. This is provided as an encoded string and fetched from the socket.

Link to this function

put_current_claims(socket, new_claims, key \\ :default) View Source 
put_current_claims(
  socket :: Phoenix.Socket.t(),
  new_claims :: Guardian.Token.claims() | nil,
  atom() | String.t() | nil
) :: Phoenix.Socket.t()

Put the current claims onto the socket for later use. Get the claims from the socket with current_claims

Link to this function

put_current_resource(socket, resource, key \\ :default) View Source 
put_current_resource(
  socket :: Phoenix.Socket.t(),
  resource :: Guardian.Token.resource() | nil,
  key :: atom() | String.t() | nil
) :: Phoenix.Socket.t()

Put the current resource onto the socket for later use. Get the resource from the socket with current_resource

Link to this function

put_current_token(socket, token, key \\ :default) View Source 
put_current_token(
  socket :: Phoenix.Socket.t(),
  token :: Guardian.Token.token() | nil,
  key :: atom() | String.t() | nil
) :: Phoenix.Socket.t()

Puts the current token onto the socket for later use.

Get the token from the socket with current_token