sodapopcan
Fetching the current user with Ash + Hologram
This is an Ash and Hologram question, though I suppose it’s more of an Ash question sooooo:
For anyone using Hologram with Ash, how do you go about fetching the current user? I cobbled together something with help from The Machine with the preparation. It looks like:
# domain
resource MyApp.Accounts.User do
define :get_by_token, action: :get_by_token, args: [:token]
end
#resource
read :get_by_token do
argument :token, :string, allow_nil?: false
get? true
prepare MyApp.Accounts.FilterByToken
end
policy action(:get_by_token) do
authorize_if always()
end
# preparation
@impl true
def prepare(query, opts, context) do
token = Ash.Query.get_argument(query, :token)
case AshAuthentication.Jwt.verify(token, MyApp.Accounts.User) do
{:ok, claims, _} ->
query
|> Ash.Query.set_argument(:subject, claims["sub"])
|> AshAuthentication.Preparations.FilterBySubject.prepare(opts, context)
{:error, _} ->
Ash.Query.filter(query, false)
end
end
Then I do MyApp.Accounts.get_by_token(server.session["user_token"]) in my Hologram pages. Does anyone do anything drastically different/simpler? Is this approach all right?
Most Liked
zachdaniel
I’m pretty sure AshAuthentication provides actions out of the box for this. Not sure if you generated your app after we made the generators add actions to the resources, but there is, for example, an action for getting a user by token etc.
I haven’t used hologram yet so I can’t speak to it much more beyond that.
sodapopcan
Sorry for the long delay here.
I used the generator from ash-hq. I just generated a new app again today and there is still no get_by_token in the User resource, just a get_by_subject which still requires taking the steps above (although it can be simplified to pattern matching the subject out of the claims and using get_by_subject instead of the preparation as above).
EDIT: For a bit more context, I’m only using magic link auth atm.
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance








