I have been working for the last couple weeks on an authentication library that I have enjoyed using in my own personal projects. I would like to hear other peoples opinions!
I’ve read all the docs on AccessPass and it looks to do exactly what I’m trying to implement. I followed the crash course and I think I’m like 75% there, but I can’t work out how to get the AccessPath functions to work with my existing plug. Any suggestions would be great.
I’m new and admittedly pretty dense with Elixir/Phoenix, but I’m learning!
Sorry for the delay, I also get to put out fires (figuratively)
I have the library installed and a route set up at /admin that returns ‘unauthorized’ when I load it, so it seems to be working. Where I’m lost is what to do now.
Do I need to set up a register/login form and POST the info through @conn? If so, I don’t seem to have proper routes set up for the AccessPass functions.
Am I not setting it up properly in the Router? Do I need to put/call the AccessPass lib files differently? I’ve been trough the docs a bunch of times and they just sort of end where I’m stuck.
My router.ex:
defmodule TcbWeb.Router do
use TcbWeb, :router
use AccessPass.Routes
pipeline :browser do
plug :accepts, ["html"]
plug :fetch_session
plug :fetch_flash
plug :protect_from_forgery
plug :put_secure_browser_headers
end
pipeline :api do
plug :accepts, ["json"]
end
pipeline :auth do
plug Auth #Auth is an AccessPass plug to require auth on routes
end
scope "/" do
access_pass :routes
pipe_through :browser # Use the default browser stack
get "/", PageController, :index
resources "/tusers", TcbWeb.TuserController
resources "/search_data", TcbWeb.TuserController
resources "/notes", TcbWeb.TuserController
resources "/login", TcbWeb.LoginController
end
scope "/admin" do
pipe_through :auth
get "/", PageController, :index
end
end
My routes:
_path GET /check AccessPass.Controller :check
_path GET /refresh AccessPass.Controller :refresh
_path POST /register AccessPass.Controller :register
_path POST /confirm AccessPass.Controller :confirm
_path POST /login AccessPass.Controller :login
_path POST /reset_password AccessPass.Controller :reset_password
_path POST /forgot_username AccessPass.Controller :forgot_username
_path POST /logout AccessPass.Controller :logout
_path POST /change_password AccessPass.Controller :change_password
page_path GET / PageController :index
tuser_path GET /tusers TcbWeb.TuserController :index
tuser_path GET /tusers/:id/edit TcbWeb.TuserController :edit
tuser_path GET /tusers/new TcbWeb.TuserController :new
tuser_path GET /tusers/:id TcbWeb.TuserController :show
tuser_path POST /tusers TcbWeb.TuserController :create
tuser_path PATCH /tusers/:id TcbWeb.TuserController :update
PUT /tusers/:id TcbWeb.TuserController :update
tuser_path DELETE /tusers/:id TcbWeb.TuserController :delete
tuser_path GET /search_data TcbWeb.TuserController :index
tuser_path GET /search_data/:id/edit TcbWeb.TuserController :edit
tuser_path GET /search_data/new TcbWeb.TuserController :new
tuser_path GET /search_data/:id TcbWeb.TuserController :show
tuser_path POST /search_data TcbWeb.TuserController :create
tuser_path PATCH /search_data/:id TcbWeb.TuserController :update
PUT /search_data/:id TcbWeb.TuserController :update
tuser_path DELETE /search_data/:id TcbWeb.TuserController :delete
tuser_path GET /notes TcbWeb.TuserController :index
tuser_path GET /notes/:id/edit TcbWeb.TuserController :edit
tuser_path GET /notes/new TcbWeb.TuserController :new
tuser_path GET /notes/:id TcbWeb.TuserController :show
tuser_path POST /notes TcbWeb.TuserController :create
tuser_path PATCH /notes/:id TcbWeb.TuserController :update
PUT /notes/:id TcbWeb.TuserController :update
tuser_path DELETE /notes/:id TcbWeb.TuserController :delete
login_path GET /login TcbWeb.LoginController :index
login_path GET /login/:id/edit TcbWeb.LoginController :edit
login_path GET /login/new TcbWeb.LoginController :new
login_path GET /login/:id TcbWeb.LoginController :show
login_path POST /login TcbWeb.LoginController :create
login_path PATCH /login/:id TcbWeb.LoginController :update
PUT /login/:id TcbWeb.LoginController :update
login_path DELETE /login/:id TcbWeb.LoginController :delete
_path GET /admin AccessPass.Controller :index
Thanks for your time. I like alot about Elixir, but it’s a tough one to learn!
First off thanks for using the AccessPass. AccessPass handles all the API related stuff for user auth so you are correct in that you need to now use Login or Register endpoints to get an access token. AccessPass will then check any request you use the auth pipeline on for a request header ‘access-token’ that is valid.