Hello,
I first create the token in my project’s code and then send it through the pipeline.
For example:
Test for create token:
url : http://localhost:4000/api/users/sign-in
value : password : "2"
Test for authorization :
url : http://localhost:4000/api/users/sign-out
header : Authorization : Bearer Token
I get {"message":"unauthorized"}
when I send a request to sign-out.
My pipeline:
defmodule ApiTrangell.AuthPipeline do
  @moduledoc """
  Authentication pipeline for API routes.

  Runs the Guardian verify plugs against the session and the `Authorization`
  header, then requires an authenticated connection and loads the resource.
  Failures are delegated to `ApiTrangell.AuthErrorHandler`.
  """

  # Claims passed to both verify plugs: only tokens typed "access" are expected.
  @access_claims %{typ: "access"}

  use Guardian.Plug.Pipeline,
    otp_app: :api_trangell,
    module: ApiTrangell.Guardian,
    error_handler: ApiTrangell.AuthErrorHandler

  # Plug order matters: both verifiers run before EnsureAuthenticated.
  plug Guardian.Plug.VerifySession, claims: @access_claims
  plug Guardian.Plug.VerifyHeader, claims: @access_claims, realm: "Bearer"
  plug Guardian.Plug.EnsureAuthenticated

  # NOTE(review): the permission check below is commented out, so this pipeline
  # authenticates the caller but does not enforce any permission set.
  # plug Guardian.Permissions.Bitwise, ensure: %{default: [:public_profile], user_actions: [:books]}

  # NOTE(review): Guardian 1.x documents `allow_blank` for LoadResource; confirm
  # that `ensure: true` is honoured by the installed Guardian version.
  plug Guardian.Plug.LoadResource, ensure: true
end
The code that creates the token:
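# Sign-in action: checks the submitted password, signs the connection in
# through Guardian and returns the resulting token as JSON.
#
# Params: a map carrying the "password" key.
# Returns: the connection with a JSON body holding the token on success, or an
# empty 401 response when the password is rejected.
def sign_in(conn, %{"password" => password}) do
  # Placeholder identity; this snippet performs no user lookup.
  user = %{id: "1", user: "shahryar"}

  case password do
    # NOTE(review): comparing against a literal password is a test stub only.
    # Production code should verify a stored password hash instead.
    "2" ->
      perms = %{default: [:public_profile], user_actions: [:books]}

      # {:ok, token, _claims} = ApiTrangell.Guardian.encode_and_sign(user, %{some: "claim", userid: 2, admin: 2, pem: %{default: [:public_profile], user_actions: [:books]}}, token_type: "access",ttl: {99, :weeks})

      # NOTE(review): presumably ApiTrangell.Guardian encodes the :permissions
      # option into the token claims; that module is not shown here, so verify it.
      conn =
        ApiTrangell.Guardian.Plug.sign_in(conn, user, %{some: "claim", admin: 12},
          permissions: perms
        )

      # json conn, %Person{token: token}
      json(conn, %Person{token: ApiTrangell.Guardian.Plug.current_token(conn)})

    _ ->
      # A rejected password is an authentication failure, so answer 401.
      # The original sent 204 (a success status that must not carry a body)
      # together with a body, which hides the failure from clients.
      send_resp(conn, 401, "")
  end
end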
Meanwhile, I have tested without Plug and it succeeded.
# Manual check without the Plug pipeline: sign a token directly, then decode
# the permissions from its claims and compare them with the required set.
user = %{id: "1", user: "shahryar"}

custom_claims = %{
  some: "claim",
  userid: 2,
  admin: 2,
  pem: %{default: [:public_profile], user_actions: [:books]}
}

# NOTE(review): a 99-week TTL on an access token keeps a leaked token valid for
# almost two years unless revocation exists; prefer a short TTL plus refresh.
{:ok, token, claims} =
  ApiTrangell.Guardian.encode_and_sign(user, custom_claims,
    token_type: "access",
    ttl: {99, :weeks}
  )

required_perms = %{default: [:public_profile], user_actions: [:books]}

claims
|> ApiTrangell.Auth.Token.decode_permissions_from_claims()
|> ApiTrangell.Auth.Token.all_permissions?(required_perms)
How do I fix this ? Thanks.
doesn’t anybody know how to fix my problem?
I am not sure, but maybe you should first sign in within the “test for authorization”. It looks like signing in during a different test only signs you in for that test.