From my latest post/question I followed the complete tutorial explaing how to handle context & authentication/authorization by @chrismccord …and I took advantage of his post about decoupling auth from dockyard blog auth for phoenix context
Continuing the discussion from Phoenix 1.3.0 released:
According to this, In a CMS all created post/page needs an authenticated author with their session (that’s great).
Now suppose a situation in which not all created post/page needs a referenced author or maybe not all author have to be logged in before creating their page. how code will looks like?
thanks for your reply @OvermindDL1 , in my own opinon the user_registration concerns the Admin system’s part and shouldn’t be exposed… so:
when the Admin is logged in/registered… S/he can achieve administrative tasks (create Users, Authors, pages, etc.) that’s allowed by:
scope "/cms", HelloWeb.CMS, as: :cms do
pipe_through [:browser, :authenticate_user]
resources "/pages", PageController
end
for the page’s tasks
1.
2. In the mentioned case earlier if we consider that scope CMS is the admin part and we want to allow pages to be created through the public part by author without being linked into an account , we can use another line of scope named pipe_through :public or pipe_through :browser instead of pipe_through : authenticate_user
scope "/", HelloWeb do
pipe_through :public # or pipe_through :browser
resources "/students", StudentController only [:new, :create, :show]
end
and then define the plug :public i’m not sure but it could be improved / corrected…
defp public(conn, _) do
if conn.assigns[:current_user] do
conn
|> Phoenix.Controller.put_flash(:success, "You're in!")
|> Phoenix.Controller.redirect(to: .....page_path...(conn, :show)
|> halt()
else
conn
|> Phoenix.Controller.redirect(to: .....page_path...(conn, [:create, :show])
end
end
auth for phoenix context
