maz
Guardian session disappears
I am using Guardian Plug to authenticate via a REST API with JWT tokens. I would like to use the same site to login via the web and store a session with a cookie. I do this with the same pipeline as the one that issues jwt json. I’ve also tried implementing this with a completely different Guardian pipeline, but still seeing the same problem .. so I think I’m missing something.
login_controller.ex:
case Authenticator.get_user_for_email_or_name_password(email, password) do
nil ->
conn
|> put_flash(:error, "Invalid credentials!")
|> render("new.html")
user ->
conn
|> GuardianImpl.Plug.sign_in(user)
|> assign(:current_user, user)
|> put_user_token(user)
|> render("home.html")
This following chunk momentarily reports a valid current_resource(), but the moment I try to access an authenticated route /admin/notification/send, the Guardian ErrorHandler fires and returns 401(unauthorized because unauthenticated). I know for sure sign_out() is not being called .. so what could be wrong?
def user_logged_in?(conn) do
GuardianImpl.Plug.current_resource(conn)
!is_nil(GuardianImpl.Plug.current_resource(conn))
end
router:
# ---- Pipelines ----
pipeline :browser do
plug :accepts, ["html"]
plug :fetch_session
plug :fetch_flash
plug :protect_from_forgery
plug :put_secure_browser_headers
plug :put_layout, {FaithfulWordApi.LayoutView, :app}
plug(GuardianImpl.Pipeline)
end
pipeline :authentication_required do
plug Guardian.Plug.EnsureAuthenticated
end
scope "/", FaithfulWordApi do
pipe_through [:browser, :authentication_required]
scope "/admin" do
get "/upload", UploadController, :index
get "/notification/send", PushMessageController, :index
end
end
First Post!
mythicalprogrammer
conn
|> GuardianImpl.Plug.sign_in(user)
|> assign(:current_user, user)
|> put_user_token(user)
|> render("home.html")
Is this… correct? I have no idea how your Guardian Plug is implemented but IIRC guardian have it’s own function to create jwt tokens either :refresh or :claim. And iirc it would write the user cookie with the jwt created so I’m not entirely sure about this line |> assign(:current_user, user) |> put_user_token(user) or even what the logic behind it? Maybe I’m wrong…
Popular in Chat/Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #javascript
- #code-sync
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance








