API Reference Phoenix API Toolkit v2.1.1


Store the raw body for verification purposes. Use as Plug.Parsers :body_reader option in endpoint pipeline.

Dynamic filtering of Ecto queries is useful for creating list/index functions, and ultimately list/index endpoints, that accept a map of filters to apply to the query. Such a map can be based on HTTP query parameters, naturally.

Generic validators and helper functions for validating Ecto changesets.

Request validator for generic (REST) requests. Meant to supplement database-level Ecto changesets. For example when creating a new entity, your database contexts / changesets will do their own validations and it would be useless to do so an extra time.

Error raised when a state-changing request does not have a "x-csrf-token" header.

Checks HMAC authentication. Expects a HMAC-<some_algorithm> of the request body to be present in the "authorization" header. Supported algorithms are those supported by :crypto.mac/4. Relies on PhoenixApiToolkit.CacheBodyReader being called by Plug.Parsers.

Error raised the HMAC used to sign a request body is invalid

Error raised when a content-carrying request does not have a content-type header.

Plug to verify an Oauth2 JWT. The JWT must be passed to the application in the authorization request header prefixed with Bearer:. The Plug must be configured with a set of JSON Web Keys used to sign the JWT's, a whitelist of algorithms that may be used to sign the JWT and the expected issuer. The optional dummy_verify setting can be used to skip JWT verification for development and testing. Requires :jose dependency in your mix.exs file.

Error raised when an Oauth2 token is invalid

Security-related plugs.

Various helper functions for writing tests.