I am currently using Guardian Library for Authentication, According to docs Simple-Guardian , Once the user logged in, generated JWT TOKEN will stored into Session, from then On each subsequent Request, It fetches token from Session to Load the resource associated with the token, but i am not clear how it finds token from the session.When i check developer tools in Chrome for Cookies it doesn’t store Session ID , then how it finds token depends upon user?
The JWT is actually stored on the session. The default Session store for Phoenix is cookies. By default your cookies are signed with secret_key_base so when you are viewing them from the chrome dev tools they are not quite clear. Have a look here http://www.phoenixframework.org/docs/sessions . You can also inspect your conn struct when you hit your controller and have a closer look at your session.
4 Likes
