Skip to content

Instantly share code, notes, and snippets.

@kjrocker

kjrocker/router.ex

Created July 16, 2017 21:45
Show Gist options
  • Save kjrocker/be88843887edeae181c4cf0cc241f97c to your computer and use it in GitHub Desktop.
Save kjrocker/be88843887edeae181c4cf0cc241f97c to your computer and use it in GitHub Desktop.
Download ZIP
Phoenix Authentication Issues
Raw
router.ex
pipeline :browser do
...Default plugs...
end
pipeline :browser_auth do
...Guardian.Plug modules...
end
scope "/", FfReader.Web do
pipe_through :browser
resources "/posts", PostController, only: [:show]
end
scope "/", FfReader.Web do
pipe_through [:browser, :browser_auth]
resources "/posts", PostController, only: [:new]
end
Raw
user_controller.ex
# Assume all actions are using the `browser` pipeline only
plug :authenticate_user when not action in [:index, :show]
def show(conn, _params) do
...show method here...
end
def new(conn, _params) do
...new method here...
end
defp authenticate_user(conn, _opts) do
conn
|> Guardian.EnsureAuthenticated
|> Guardian.EnsureResource
end
@kjrocker
Copy link
Author

kjrocker commented Jul 16, 2017
edited
Loading

The first version has a conflict where getting /posts/new ends up matching /posts/:id, which is not desirable.

The second version uses syntax that, as far as I can tell, doesn't actually exist. The composition of module plugs wrapped around a function plug is apparently impossible. This is closest to the kind of thing I'm comfortable with, where the router's responsibility is defining which routes exist, and the controller determines how different routes behave.

I'm aware that module plugs have init and call functions behind the scenes, but calling those manually didn't help either.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment