zoltanarvai
/ router.ex
Created Mar 23, 2019
View router.ex
| # Pipeline for private apis, requires Authorisation header with Bearer token | |
| pipeline :private do | |
| plug :accepts, ["json"] | |
| plug Auth.Guardian.Pipeline | |
| end |
zoltanarvai
/ pipeline.ex
Last active Mar 23, 2019
View pipeline.ex
| defmodule Auth.Guardian.Pipeline do | |
| @moduledoc """ | |
| Configures a set of plugs to be used with Guardian based authentication / authorisation | |
| """ | |
| use Guardian.Plug.Pipeline, | |
| otp_app: :orders, | |
| error_handler: Auth.Guardian.ErrorHandler, | |
| module: Auth.Guardian | |
| # Verify authorisation header and make sure order management is allowed for Identity |
zoltanarvai
/ dev.exs
Created Mar 23, 2019
View dev.exs
| # Setup Guardian with Auth0 | |
| config :orders, Auth.Guardian, | |
| allowed_algos: ["HS256"], | |
| verify_module: Guardian.JWT, | |
| issuer: "https://orders-sample.eu.auth0.com/", | |
| verify_issuer: true, | |
| secret_key: "qgXw5waJYQ8kd6LDFpqY4UuswJ4D0gGS" |
zoltanarvai
/ identity.ex
Created Mar 23, 2019
View identity.ex
| defmodule Auth.Identity do | |
| @moduledoc """ | |
| This struct represents the Identitiy accessible on each connection | |
| """ | |
| @enforce_keys [:id] | |
| defstruct id: nil | |
| @type t() :: [ | |
| id: String.t() | |
| ] |
zoltanarvai
/ guardian.ex
Last active Mar 23, 2019
View guardian.ex
| defmodule Auth.Guardian do | |
| @moduledoc """ | |
| This is the main Guardian module used by the application to gain access to claims, | |
| identity, token, etc. | |
| Implements callback to properly integrate with Auth0. | |
| """ | |
| use Guardian, otp_app: :orders | |
| alias Auth.Identity |
zoltanarvai
/ auth_controller.ex
Created Mar 23, 2019
View auth_controller.ex
| defmodule OrdersWeb.AuthController do | |
| @moduledoc """ | |
| This controller allows retrieving an access token from auth0 and returning it to the user | |
| providing username / password based login capability | |
| """ | |
| use OrdersWeb, :controller | |
| alias Auth | |
| alias Auth.{Credentials, TokenResult} |
zoltanarvai
/ auth.ex
Created Mar 23, 2019
View auth.ex
| defmodule Auth do | |
| @moduledoc """ | |
| This module is responsible to authenticate client credentials against Auth0 | |
| and provide access_token and expires_in as a result | |
| """ | |
| alias Auth.{Credentials, TokenResult} | |
| import Base | |
| require Logger |
View token_result.ex
| defmodule Auth.TokenResult do | |
| @moduledoc """ | |
| This struct represents the result of the authentication sign-in process. | |
| We get a JWT access token from Auth0 and an expires_in field explaining | |
| how long the token field will be available | |
| """ | |
| @enforce_keys [:access_token, :expires_in] | |
| defstruct access_token: "", expires_in: 0 | |
| @type t :: %__MODULE__{ |
zoltanarvai
/ credentials.ex
Created Mar 23, 2019
View credentials.ex
| defmodule Auth.Credentials do | |
| @moduledoc """ | |
| This module represents and validates the credentials | |
| """ | |
| use Ecto.Schema | |
| import Ecto.Changeset | |
| alias Auth.Credentials | |
| @primary_key false |
View dev.exs
| # Configure auth zero for the Auth module | |
| config :orders, | |
| auth0: %{ | |
| url: %URI{ | |
| host: "orders-sample.eu.auth0.com", | |
| port: 443, | |
| scheme: "https" | |
| }, | |
| client_id: "6NeT3VHSzKK4mMXVq7BhSvAq0fUSUXUB", | |
| client_secret: "9aAIvTnSL-09QyP-ttbxy9l0NavpyySHulTMTqUYpyfTG0Clt8qz1IEAcqN5spy6", |
NewerOlder