The phx.gen.auth
module has been super helpful for both plug-and-play authentication in the application as well as learning through code.
This is what I found in user_auth.ex
in the controller folder -
@doc """
Used for routes that require the user to be authenticated.
If you want to enforce the user email is confirmed before
they use the application at all, here would be a good place.
"""
def require_authenticated_user(conn, _opts) do
if conn.assigns[:current_user] do
conn
else
conn
|> put_flash(:error, "You must log in to access this page.")
|> maybe_store_return_to()
|> redirect(to: Routes.user_session_path(conn, :new))
|> halt()
end
end
Look at how beautifully it is documented that - this is a good place if you want to allow only confirmed users to login.
The above function is a plug - and - is using conn
which is not available in LiveView. So, modifying the code here would mean it would work only for regular views. For a LiveView, should we duplicate the code? Or is there any best practice available?