I recently started working with LiveView and I am trying to wrap my mind around its concepts. I have an application that allows users to register and log in. Once the user clicks register, he is redirected to the register page that has the register form. But now I would like to remove access to all register links and disable access to all the register routes by returning a 401 (Unauthorized) status code. I would appreciate some guidance on where or how to achieve this. Thank you.
I don’t think you yet grasp how it works. It’s not an API and it uses WebSocket, not HTTP requests, so you can’t just return a 401 HTTP status code. You should have an authorization check in the LiveView code that checks whether the user is authorized or not. So just log the user out by removing their authorization and then redirect them to the page where unauthorized users are usually redirected to.
I don’t know how your authorization has been done, but here is an example of how I would do it.
The company I work for doesn’t use Elixir, but because of the requirements for our app I created a login system based on authorizations. So instead of having an authorization cookie, we have a JWT token in a cookie that contains a unique client id for the browser. Then, when a user logs in, we write an authorization for the client id to the database. So we only need to remove the authorization from the database for that client id if we want to log someone out. This also allows us to log a user out from all browsers they have used to log in.
The only thing we do for the cookie is that when half of its time to expiration has been reached, we (renew) create a new cookie with the same client id and a new expiration date.
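
The scheme described in the reply above, sketched as an added example that is not code from either poster. It is written in Python with only the standard library so it runs stand-alone; the names `issue_cookie`, `check_request`, `logout_everywhere`, the `cid` claim, the one-hour lifetime and the in-memory dict standing in for the database table are all assumptions.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # assumption: server-side signing key
TTL = 3600                        # assumption: cookie lifetime in seconds
authorizations = {}               # client_id -> user_id (stands in for the database table)

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_cookie(client_id: str, now: float) -> str:
    """Build an HS256 JWT whose claims are only the client id and its lifetime."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps({"cid": client_id, "iat": int(now), "exp": int(now) + TTL}).encode())
    sig = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(sig)}"

def read_cookie(token: str, now: float):
    """Return the claims, or None if the signature is wrong or the token has expired."""
    try:
        header, body, sig = token.split(".")
        expected = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError):
        return None
    return claims if now < claims["exp"] else None

def login(client_id: str, user_id: str) -> None:
    authorizations[client_id] = user_id  # the cookie itself never changes on login

def logout_everywhere(user_id: str) -> None:
    """Remove every authorization row for the user, one per browser they used."""
    for cid in [c for c, u in authorizations.items() if u == user_id]:
        del authorizations[cid]

def check_request(token: str, now: float):
    """Return (user_id or None, replacement cookie or None)."""
    claims = read_cookie(token, now)
    if claims is None:
        return None, None
    halfway = claims["iat"] + (claims["exp"] - claims["iat"]) / 2
    # Past half of the lifetime: same client id, new expiration date.
    renewed = issue_cookie(claims["cid"], now) if now >= halfway else None
    return authorizations.get(claims["cid"]), renewed
```

Because the token only identifies the browser, a valid cookie with no matching row is treated as logged out, which is what makes the server-side logout take effect immediately.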