In my Elixir phoenix web app, I have a plug which handles requests made to an internal endpoint which forbids access to all users without a proper authorization in the request header.
Sounds simple right? Well it is, the below is my plug. It checks if the incoming request has a "simwms-master-key" field, and passes all users who have that key.