Is there a way to setup bodyguard authorization to deny by default in mount and handle_event callbacks?

I’m polishing the authorization rules in my app, getting it ready for the internet. I decided on bodyguard as the authorization library.

Is it possible for me to auto-deny in my mount functions and handle_event callbacks unless I provide a specific authorization callback? I want to try and eliminate the situation when I or someone else forgets to authorize an event or mount function that should be authorized.

1 Like