Authenticating phoenix channel from a react native app

I’m trying to connect a react native mobile app to a phoenix backend, through channels. The phoenix channels JavaScript client should work fine. I’m struggling with understanding how to authenticate the socket (is this even correct, am I authenticating to the socket, channel, or topic subscription?).

I could see how I would need to present some login screen in the react native app, and use the credentials to pass through to an api endpoint (json REST endpoint?) in order to obtain a token that I can use to initialize the channel connection. Or can I pass the initial credentials directly through the channel too?

To make things even more challenging, I’m trying to figure out an authentication scheme that avoids complicated user input on the app itself (the app can be considered an simple IoT device with limited capabilities for user input). I’ve seen schemes where authentication is initiated on a device, then a unique six digit code is shown, which needs to be replicated on some other interface where you’re already logged in.

I guess I need to understand the first part before I can move on to the more complicated situation described above. I’m a bit overwhelmed by the possibilities, and the different ways to communicate with phoenix. There are also these authentication libraries (pow, guardian, etc.) that I might or might not need.

A reference to a good similar setup, both backend and mobile app, would get me a long way.

Thanks in advance!

This is what I have been doing with React and React native.

This would need the channel to be open before authentication.

1 Like