sreyansjain

sreyansjain

How to approach Authentication and Authorization in Hologram

Since Hologram is getting production ready, and Authentication and Authorization is a crucial step in making production apps, let’s discuss how to approach authentication and authorization in Hologram.

We can create a login form and then store the user token in a cookie and session. On subsequent pages we can check for the token in the session and get a user struct from the token and put it in the session.

Or

We can use a library like Guardian etc and follow the same steps.

My questions are -

  1. Is this the idiomatic way to do auth in Hologram. Since Hologram routes get called before the Router pipeline in Phoenix, whats the best approach to handle this in the pipeline itself instead of checking it in the init function in every page.
  2. What if the user logs in on another device and clicks log out from all devices. What should happen on the existing device. Should the user be logged out if the tries to invoke any command. If yes, how to do that in an idiomatic way. Or the user should be logged out immediately (it might require Pub- Sub).
  3. Phoenix has introduced scopes that can help in authorization as well as multi tenancy. How can we approach authorization in Hologram. Can we create some pipelines and nest the routes in them?

Getting some guidelines on these would really help move apps to prod. Thanks.

Most Liked

bartblast

bartblast

Creator of Hologram

Hey @sreyansjain, let me address your points:

Planned Lifecycle Method (Setup/Middleware)

Hologram will have a lifecycle method that will be invoked before component/page inits. It will probably be called “setup”, and will be treated as Hologram middleware (in place of Phoenix pipelines in the router).

The middleware will work a little differently than in Phoenix, since Hologram has different architecture and has no router. You’ll be able to create separate modules that you can plug into the setup lifecycle, and you’ll be able to use different “setup” functions in different pages. Or create specialized pages that use specific “setup” functions by default - e.g. instead of use Hologram.Page you could do use MyApp.AdminPage that will have the specialized setup implementation applied.

It will have access to raw headers and will be able to modify the input of the component/page init functions.

Current Capabilities

Since this isn’t implemented yet, I’m not ready to talk about official auth conventions, but since init/3 functions have access to server structs on which you can access/modify cookies and sessions, you can implement most auth behavior today. Commands also have access to server structs and can be authorized in the same way.

  • You can use very similar approaches as in today’s Phoenix auth solutions
  • Your example is reasonable - authenticate a user in an init/3 function and save some token/user_id to a cookie for later authorization
  • You can use any authorization libraries server-side (Guardian building blocks outside plug system, Ash policies, Permit, etc.)

Multi-device logout

Your example of pubsub and logging out of other devices is not a strictly Hologram-related question - this is a universal auth problem and depends on business requirements. The solution you specified seems like a reasonable approach and should be possible once Hologram has pub/sub implemented.


The current capabilities should get you pretty far for production, and the planned middleware system will make it much more ergonomic.

Where Next?

Popular in Questions Top

vertexbuffer
Hello, can anybody help here..? I have a list of players and I what to delete an element, but every for loop the list is reverting to ori...
New
9mm
I am constructing a JSON object (map) and I need to conditionally set a field. I’m trying to write proper elixir-way code… and I’m at a l...
New
WestKeys
Currently suffering from paralysis by [HTTP client] analysis. This is rather unusual in Elixirland as there tends to be consensus on the ...
New
Kurisu
For example for a current url like http://localhost:4000/cosmetic/products?_utf8=✓&query=perfume&page=2, I would like to get: ...
New
albydarned
Hello all! I am typing this post from my new MacBook Pro with the M1 chip. I’m loving it so far, and will probably use it as my daily dr...
New
alice
Hey, Just curious what are the main benefits of Elixir compared to Clojure? When is Elixir more useful than Clojure and vice versa? Th...
New
nobody
Hi! In PHP: $_SERVER[‘SERVER_ADDR’] - in Elixir? Searched the docs for ip address and the web, no good results. Thanks!
New
dblack
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar. I p...
New
openscript
Hello! Sorry for this astonishing simple question, but I’m really stuck. I try to set up the intellij-elixir plugin, but I don’t know ho...
New
hariharasudhan94
Lets say I have map like this fetching from my database %{"_id" => #BSON.ObjectId<58eb1a7a9ad169198c3dXXXX>, "email" => ...
New

Other popular topics Top

senggen
Erlang/OTP 25 [erts-13.2.2] [source] [64-bit] [smp:8:8] [ds:8:8:10] [async-threads:1] 15:22:35.803 [error] gen_event {lager_file_backend...
New
AstonJ
Posting this to see if we can make things easier for people to get into Neovim. If you use Neovim and have a favourite distro please let ...
New
Darmani72
If I have a post route which an argument: post /my_post_route/:my_param1, MyController.my_post_handler How would get the post params ...
New
stefanluptak
Hello everybody, usually, I use a 29" ultra-wide monitor for VSCode which can easily accomodate explorer (files panel) + file with code ...
New
vrod
I am using the Starship cross-shell prompt – it seems pretty nice, but I get some errors: [WARN] - (starship::utils): Executing command ...
New
aalberti333
As the title describes, I’m trying to run Enum.map() over a list of key/value pairs, where the value is a map. My data looks like this: ...
New
saif
Hello everyone, Long time lurker first time poster here. I’ve recently begun working on Elixir full-time again! :raised_hands: It’s been...
New
KronicDeth
Elixir plugin for JetBrain’s IntelliJ Platform (including Rubymine) This is a plugin that adds support for Elixir to JetBrains IntelliJ...
289 36352 110
New
boundedvariable
I am going through the kafka architecture. All the features what the kafka is providing are already in Erlang. I would like hear your opi...
New
komlanvi
Hi everyone, I was playing with phoenix liveView but I run into an issue. I have a form and want to validate each input text when the te...
New

Latest on Elixir Forum

Elixir Forum

We're in Beta

About us Mission Statement