Good tutorials/complex work auth in Elixir/Phoenix

Hello everyone. I am gonna start with Elixir/Phoenix, thinking to use Stephen Grider as a starting point, then Elixir School and other sources.
What I would like to find: I have been looking at a lot of tutorials, but can’t find something suitable for myself with Guardian or a similar library. I would like to implement a few projects like a blog, chat, etc. I have already found some solutions for building associations (many-to-many, one-to-many) and direct SQL queries. But auth is a blind spot for me, because I will need not only to set up Guardian (or similar), but also to secure my API routes (for example, only authorized users can post messages, posts, comments, etc.). Or a user must be authorized to watch their own messages. Sure, I can just ignore auth for now, but I would like to start with it as well. I would be grateful for any help.

2 Likes

I would recommend that you read up on how Plugs work. Once you understand that, you can simply read up on how to use Guardian, either as a plug or as custom functionality inside your own custom plug.

3 Likes

None of the things you’ve described require Guardian.

I recommend starting with phx.gen.auth and writing straightforward code in your controllers / LiveViews to check “is there a user?” etc. When/if that starts to feel too complicated, then start looking for additional libraries; you’ll know what you need a lot better at that point.

3 Likes
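As an added example (not code from any post in this thread): a minimal module plug that answers "is there a user?" for API routes, plus an ownership check for "users may only see their own messages". The module names, the `:current_user` assign and the `user_id` field are assumptions; an earlier plug is assumed to have loaded the user.

```elixir
# Added example. Module and field names are hypothetical; the only dependency
# is Plug, which every Phoenix project already has.
defmodule MyAppWeb.RequireUser do
  import Plug.Conn

  def init(opts), do: opts

  # "Is there a user?" An earlier plug is assumed to have loaded the user
  # (or nil) into conn.assigns[:current_user].
  def call(conn, _opts) do
    case conn.assigns[:current_user] do
      nil -> conn |> send_resp(401, "authentication required") |> halt()
      _user -> conn
    end
  end

  # Ownership check for "users may only see their own messages".
  # The same variable in both patterns forces the ids to be equal; the
  # guard stops two nil ids from matching.
  def owner?(%{id: id}, %{user_id: id}) when not is_nil(id), do: true
  def owner?(_user, _resource), do: false
end

defmodule RequireUserDemo do
  import Plug.Test, only: [conn: 2]
  alias MyAppWeb.RequireUser

  # Constructed sample data standing in for database rows.
  @alice %{id: 1, email: "alice@example.test"}
  @message %{id: 10, user_id: 2, body: "written by user 2"}

  def run do
    anonymous = conn(:get, "/api/messages/10") |> RequireUser.call([])

    signed_in =
      conn(:get, "/api/messages/10")
      |> Plug.Conn.assign(:current_user, @alice)
      |> RequireUser.call([])

    %{
      anonymous: {anonymous.status, anonymous.halted},
      signed_in_halted: signed_in.halted,
      alice_may_read: RequireUser.owner?(@alice, @message)
    }
  end
end

IO.inspect(RequireUserDemo.run())
```

In a real app the plug would go in the router pipeline or controller (`plug MyAppWeb.RequireUser`), and the controller action would call `owner?/2` after loading the record and refuse the request when it returns `false`.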

I was in your shoes, a while back, until I found this comprehensive tutorial on approaching Authorization:


There’s no shortcut, no library can save you.

Just learn from the above tutorial, and then take it further as per your requirements.

I put some of my thoughts on this, in another thread:

3 Likes

Guys, thank you very much, I appreciate your help. I will do it according to your recommendations. I really see that the Elixir community is really friendly! Hope it’s also possible to find a job there with a general background in Golang, Python and other languages.

4 Likes

Is there something that also shows how account creation/deletion should be made?
I am brand new to webdev and Elixir, and this sort of thing is difficult for me.

Basic auth is provided by Phoenix.