Current section

Files

Jump to
btrz_ex_auth_api lib pipeline token_secured.ex
Raw

lib/pipeline/token_secured.ex

defmodule BtrzAuth.Pipeline.TokenSecured do
@moduledoc """
This pipeline will check the x-api-key header and also the token with the private key or the configured main and secondary secret keys in case the token could be an internal one, then ensure authenticated and load the implemented resource in `conn.private[:auth_user]`.
"""
use Guardian.Plug.Pipeline,
otp_app: :btrz_auth,
module: BtrzAuth.Guardian,
error_handler: BtrzAuth.AuthErrorHandler
plug(BtrzAuth.Plug.VerifyApiKey)
plug(BtrzAuth.Plug.VerifyToken)
plug(Guardian.Plug.EnsureAuthenticated)
# remove this option if always will load the account
plug(Guardian.Plug.LoadResource, allow_blank: true)
end