Is it possible to configure Plug.Static
so that some resources (but not all) return a 401 when accessed without a proper session cookie ? (My application uses Guardian, the idea would be to reuse the same plug pipeline)
I don’t think Plug.Static
can be configured that way. However, I think you can alter your pipeline to include Guardian, but skipping it unless the requested path is not in a list.
You should be able to plug Plug.Static in your router pipelines as well. Some caveats:
- You need to read files from another file system path. For example “priv/private” instead of “priv/static”
- static_path in Phoenix won’t know about it, so you will need to generate the paths manually. It should be as easy as
url(conn) <> "/private/images/foo.png"
. Make it a helper if necessary
2 Likes