Elixir/Phoenix Framework authentication/authorization

0
votes

I am doing a project for an elixir / phoenix framework. There was a question on authorization. For example, I have a route:

get "/dashboard", DashboardController, :index

I want only logged-in users to be able to go this route. As I present this process: the user goes along this route, it checks that the user is logged in. If yes, then the controller function that processes this route is called, if not, then a redirect to the login page occurs. Tell me, please, how to correctly implement this in phoenix framework? There can be many similar routes, I would like to have 1 handler for this.

1
elixirphoenix-frameworkphoenix
What auth library do you use? Basically, you need to add a respective plug into your pipeline.Aleksei Matiushkin
@AlekseiMatiushkin , I would like to have some kind of route pre-handler that would just check the value in the session and either let user go along the route or notДенис Корх
hexdocs.pm/phoenix/Phoenix.Router.html?#pipeline/2Aleksei Matiushkin
You're basically asking for a recommendation--which is considered off-topic here on S O. Maybe you could do a bit of research yourself and then narrow your question.Onorio Catenacci

1 Answers

1
votes

I am using pow for authentication. I have the following pipeline:

 pipeline :protected do
    plug Pow.Plug.RequireAuthenticated,
      error_handler: Pow.Phoenix.PlugErrorHandler
  end

Then, I just need to pass my scope through the right pipe:

 scope "/dashboard", MyAppWeb do
    pipe_through [:browser, :protected]
    get "/", PageController, :dashboard
  end

All the paths that require authentication would go there. If you want it for some other library/implementation, the approach should be similar. You can see an example of authentication using Guardian in here, where the scope is used in the same way.