Skip to content

Instantly share code, notes, and snippets.

Zoltan Arvai zoltanarvai

Block or report user

Report or block zoltanarvai

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View router.ex
# Pipeline for private apis, requires Authorisation header with Bearer token
pipeline :private do
plug :accepts, ["json"]
plug Auth.Guardian.Pipeline
View pipeline.ex
defmodule Auth.Guardian.Pipeline do
@moduledoc """
Configures a set of plugs to be used with Guardian based authentication / authorisation
use Guardian.Plug.Pipeline,
otp_app: :orders,
error_handler: Auth.Guardian.ErrorHandler,
module: Auth.Guardian
# Verify authorisation header and make sure order management is allowed for Identity
View dev.exs
# Setup Guardian with Auth0
config :orders, Auth.Guardian,
allowed_algos: ["HS256"],
verify_module: Guardian.JWT,
issuer: "",
verify_issuer: true,
secret_key: "qgXw5waJYQ8kd6LDFpqY4UuswJ4D0gGS"
View identity.ex
defmodule Auth.Identity do
@moduledoc """
This struct represents the Identitiy accessible on each connection
@enforce_keys [:id]
defstruct id: nil
@type t() :: [
id: String.t()
View guardian.ex
defmodule Auth.Guardian do
@moduledoc """
This is the main Guardian module used by the application to gain access to claims,
identity, token, etc.
Implements callback to properly integrate with Auth0.
use Guardian, otp_app: :orders
alias Auth.Identity
View auth_controller.ex
defmodule OrdersWeb.AuthController do
@moduledoc """
This controller allows retrieving an access token from auth0 and returning it to the user
providing username / password based login capability
use OrdersWeb, :controller
alias Auth
alias Auth.{Credentials, TokenResult}
View auth.ex
defmodule Auth do
@moduledoc """
This module is responsible to authenticate client credentials against Auth0
and provide access_token and expires_in as a result
alias Auth.{Credentials, TokenResult}
import Base
require Logger
zoltanarvai / token_result.ex
Created Mar 23, 2019
Struct to encompass token and other meta info
View token_result.ex
defmodule Auth.TokenResult do
@moduledoc """
This struct represents the result of the authentication sign-in process.
We get a JWT access token from Auth0 and an expires_in field explaining
how long the token field will be available
@enforce_keys [:access_token, :expires_in]
defstruct access_token: "", expires_in: 0
@type t :: %__MODULE__{
View credentials.ex
defmodule Auth.Credentials do
@moduledoc """
This module represents and validates the credentials
use Ecto.Schema
import Ecto.Changeset
alias Auth.Credentials
@primary_key false
zoltanarvai / dev.exs
Last active Mar 23, 2019
Dev configuration for Auth0
View dev.exs
# Configure auth zero for the Auth module
config :orders,
auth0: %{
url: %URI{
host: "",
port: 443,
scheme: "https"
client_id: "6NeT3VHSzKK4mMXVq7BhSvAq0fUSUXUB",
client_secret: "9aAIvTnSL-09QyP-ttbxy9l0NavpyySHulTMTqUYpyfTG0Clt8qz1IEAcqN5spy6",
You can’t perform that action at this time.