danww

Phoenix and Auth0

Hi there,

I have an Elm frontend app, performing user login and token creation with Auth0 Lock, and then performing requests to a Phoenix API on the backend, passing the JWT token from Elm to Phoenix in an “Authorization: Bearer ” header.

I want the Phoenix API to be able to verify the supplied token in order to auth the request from the client app.

I’m currently using Guardian (API Reference — Guardian v2.4.0), configured along these lines:
Can I verify a JWToken created by Auth0 ? · Issue #211 · ueberauth/guardian · GitHub

I’m new to Phoenix.
I can’t get past ‘plug Guardian.Plug.EnsureAuthenticated’.
I’m not sure how to debug/inspect router/pipeline.
Ideally, I’d like Guardian.Plug.EnsureAuthenticated to reside in the pipeline, rather than in each controller.

Am I correct in assuming that Guardian will actually verify the supplied token with Auth0?
Because there doesn’t seem to be any provision in the config for the Auth0 ‘client_id’, which I expect would be necessary.

Marked As Solved

danww

I started from the beginning, setting up Guardian from scratch, and it worked.
I’m still not clear why it wasn’t working in the first instance.

If anyone is interested, I did the following:

mix.exs:

  • Added Guardian.
...
def application do
  [mod: {MyApp, []},
   applications: [:phoenix, ..., :guardian, ...]]
end

...

defp deps do
  [{:phoenix, "~> 1.2.1"},
   ...,
   {:guardian, "~> 0.14"}]
end

…then ran mix deps.get

config.exs

  • set allowed_algos to HS256
  • set issuer to Auth0 domain
  • set verify_issuer to false. This may have been what solved it, although I did try changing this in my initial attempt.
  • set secret_key to Auth0 client secret
  • set up my own serializer - see next step.
...
config :guardian, Guardian,
  allowed_algos: ["HS256"], # optional
  verify_module: Guardian.JWT,  # optional
  issuer: <Auth0 domain>,
  ttl: { 30, :days },
  allowed_drift: 2000,
  verify_issuer: false,
  secret_key: <Auth0 client secret>,
  serializer: MyApp.GuardianSerializer

...

serializer.ex

  • I’m not getting anything in/out of the token at this point, so this is not of any significance, just yet
defmodule MyApp.GuardianSerializer do
  @behaviour Guardian.Serializer

  def for_token(id), do: {:ok, id}
  def from_token(id), do: {:ok, id}

end

router.ex

  • Added the following Guardian plugs to the existing :api pipeline, as follows
...
pipeline :api do
  plug :accepts, ["json"]
  plug Guardian.Plug.VerifyHeader, realm: "Bearer"
  plug Guardian.Plug.EnsureAuthenticated
  plug Guardian.Plug.LoadResource
end
...

And that seemed to do the trick.

Thanks all, for your help
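
What the HS256 settings in the config above amount to, as an added example that is not part of the original post and not Guardian's own code: the token is checked locally with an HMAC over `header.payload` using the shared secret, so no request goes to Auth0 and no client_id is involved in the signature check. The module name `HS256Check`, the secret and the issuer URLs are constructed for illustration, and the script assumes Elixir 1.18+ for the built-in `JSON` module.

```elixir
# Added example; not Guardian's code. Needs Elixir 1.18+ (built-in JSON module).
defmodule HS256Check do
  @allowed_algs ["HS256"]
  # Returns {:ok, claims} or {:error, reason}. Everything happens locally.
  def verify(token, secret, opts \\ []) do
    with [h64, p64, s64] <- String.split(token, "."),
         {:ok, header} <- decode_json(h64),
         :ok <- check_alg(header),
         {:ok, sig} <- Base.url_decode64(s64, padding: false),
         :ok <- check_sig(h64 <> "." <> p64, sig, secret),
         {:ok, claims} <- decode_json(p64),
         :ok <- check_exp(claims, opts[:now] || System.os_time(:second)),
         :ok <- check_iss(claims, opts[:issuer]) do
      {:ok, claims}
    else
      {:error, reason} when is_atom(reason) -> {:error, reason}
      _ -> {:error, :malformed}
    end
  end

  defp decode_json(b64) do
    with {:ok, bin} <- Base.url_decode64(b64, padding: false),
         {:ok, %{} = map} <- JSON.decode(bin), do: {:ok, map}
  end
  # Allow-list check: a header claiming "none" or another algorithm is refused.
  defp check_alg(%{"alg" => alg}) when alg in @allowed_algs, do: :ok
  defp check_alg(_), do: {:error, :alg_not_allowed}

  defp check_sig(input, sig, secret) do
    mac = :crypto.mac(:hmac, :sha256, secret, input)
    ok? = byte_size(sig) == byte_size(mac) and :crypto.hash_equals(sig, mac)
    if ok?, do: :ok, else: {:error, :bad_signature}
  end
  defp check_exp(%{"exp" => exp}, now) when is_integer(exp) and exp > now, do: :ok
  defp check_exp(_, _), do: {:error, :expired_or_missing_exp}
  defp check_iss(_claims, nil), do: :ok # no expected issuer given: check skipped
  defp check_iss(%{"iss" => iss}, iss), do: :ok
  defp check_iss(_, _), do: {:error, :wrong_issuer}
end

# Constructed sample token; the secret and claims are made up for this example.
secret = "constructed-demo-secret"
enc = fn map -> map |> JSON.encode!() |> Base.url_encode64(padding: false) end
claims = %{"iss" => "https://tenant.example.invalid/", "exp" => 4_102_444_800}
input = enc.(%{"alg" => "HS256", "typ" => "JWT"}) <> "." <> enc.(claims)
token = input <> "." <> Base.url_encode64(:crypto.mac(:hmac, :sha256, secret, input), padding: false)
IO.inspect(HS256Check.verify(token, secret))
IO.inspect(HS256Check.verify(token, "another-secret"))
IO.inspect(HS256Check.verify(token, secret, issuer: "https://other.example.invalid/"))
```

When the issuer check is skipped, the signature and expiry are the only gates, and anyone holding the secret can mint tokens this check accepts, so the secret belongs only in server-side config.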

Also Liked

krapans

How do you pass in the request from front-end the JWT token?

danww

I’m adding a header (Authorization: Bearer <token>) to the request.
I understand Guardian should find and verify this token with the plug Guardian.Plug.VerifyHeader, realm: "Bearer" in the pipeline. I’m using the same Auth0 secret in the config for both client and server.

krapans

OK, from what you are saying, everything sounds fine. I guess you need to provide some code examples, so maybe then I could check it out and give you feedback.
