Zoltan Arvai zoltanarvai
zoltanarvai
/ router.ex
Created Mar 23, 2019
View router.ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Pipeline for private apis, requires Authorisation header with Bearer token | |
| pipeline :private do | |
| plug :accepts, ["json"] | |
| plug Auth.Guardian.Pipeline | |
| end |
zoltanarvai
/ pipeline.ex
Last active Mar 23, 2019
View pipeline.ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule Auth.Guardian.Pipeline do | |
| @moduledoc """ | |
| Configures a set of plugs to be used with Guardian based authentication / authorisation | |
| """ | |
| use Guardian.Plug.Pipeline, | |
| otp_app: :orders, | |
| error_handler: Auth.Guardian.ErrorHandler, | |
| module: Auth.Guardian | |
| # Verify authorisation header and make sure order management is allowed for Identity |
zoltanarvai
/ dev.exs
Created Mar 23, 2019
View dev.exs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Setup Guardian with Auth0 | |
| config :orders, Auth.Guardian, | |
| allowed_algos: ["HS256"], | |
| verify_module: Guardian.JWT, | |
| issuer: "https://orders-sample.eu.auth0.com/", | |
| verify_issuer: true, | |
| secret_key: "qgXw5waJYQ8kd6LDFpqY4UuswJ4D0gGS" |
zoltanarvai
/ identity.ex
Created Mar 23, 2019
View identity.ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule Auth.Identity do | |
| @moduledoc """ | |
| This struct represents the Identitiy accessible on each connection | |
| """ | |
| @enforce_keys [:id] | |
| defstruct id: nil | |
| @type t() :: [ | |
| id: String.t() | |
| ] |
zoltanarvai
/ guardian.ex
Last active Mar 23, 2019
View guardian.ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule Auth.Guardian do | |
| @moduledoc """ | |
| This is the main Guardian module used by the application to gain access to claims, | |
| identity, token, etc. | |
| Implements callback to properly integrate with Auth0. | |
| """ | |
| use Guardian, otp_app: :orders | |
| alias Auth.Identity |
zoltanarvai
/ auth_controller.ex
Created Mar 23, 2019
View auth_controller.ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule OrdersWeb.AuthController do | |
| @moduledoc """ | |
| This controller allows retrieving an access token from auth0 and returning it to the user | |
| providing username / password based login capability | |
| """ | |
| use OrdersWeb, :controller | |
| alias Auth | |
| alias Auth.{Credentials, TokenResult} | |
zoltanarvai
/ auth.ex
Created Mar 23, 2019
View auth.ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule Auth do | |
| @moduledoc """ | |
| This module is responsible to authenticate client credentials against Auth0 | |
| and provide access_token and expires_in as a result | |
| """ | |
| alias Auth.{Credentials, TokenResult} | |
| import Base | |
| require Logger |
View token_result.ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule Auth.TokenResult do | |
| @moduledoc """ | |
| This struct represents the result of the authentication sign-in process. | |
| We get a JWT access token from Auth0 and an expires_in field explaining | |
| how long the token field will be available | |
| """ | |
| @enforce_keys [:access_token, :expires_in] | |
| defstruct access_token: "", expires_in: 0 | |
| @type t :: %__MODULE__{ |
zoltanarvai
/ credentials.ex
Created Mar 23, 2019
View credentials.ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule Auth.Credentials do | |
| @moduledoc """ | |
| This module represents and validates the credentials | |
| """ | |
| use Ecto.Schema | |
| import Ecto.Changeset | |
| alias Auth.Credentials | |
| @primary_key false |
View dev.exs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Configure auth zero for the Auth module | |
| config :orders, | |
| auth0: %{ | |
| url: %URI{ | |
| host: "orders-sample.eu.auth0.com", | |
| port: 443, | |
| scheme: "https" | |
| }, | |
| client_id: "6NeT3VHSzKK4mMXVq7BhSvAq0fUSUXUB", | |
| client_secret: "9aAIvTnSL-09QyP-ttbxy9l0NavpyySHulTMTqUYpyfTG0Clt8qz1IEAcqN5spy6", |
NewerOlder