How does Guardian.Permissions work?

I create the token first in my project’s source and send it to Pipeline.

For example:

Test for create token:
url : http://localhost:4000/api/users/sign-in
value : password : "2"
Test for authorization :
url : http://localhost:4000/api/users/sign-out
header :  Authorization : Bearer Token

I get the {"message":"unauthorized"} when I send a request to sign-out

My pipline :

A code in which the token is made :

Meanwhile, I have tested without Plug and succeed.

user = %{id: "1", user: "shahryar"}

{:ok, token, claims} = ApiTrangell.Guardian.encode_and_sign(user, %{some: "claim", userid: 2, admin: 2, pem: %{default: [:public_profile], user_actions: [:books]}}, token_type: "access",ttl: {99, :weeks})

claims |> ApiTrangell.Auth.Token.decode_permissions_from_claims |> ApiTrangell.Auth.Token.all_permissions?(%{default: [:public_profile], user_actions: [:books]})   

How do I fix this ? Thanks.

1 Like

doesn’t anybody know how to fix my problem?

I am not sure but maybe first you should sign_in in “test for authorization”. Looks like if you sign in at different test you just sign in only for that test.