rootkc / phx-auth-api

Authentication for Phoenix with JWT, user privileges and CI

PhxAuthApi

Features

This project uses Guardian for JWT authentication and Canary for user-specific authorization. Passwords are hashed with Comeonin using the bcrypt algorithm before they are stored in the database. The JWT controls access to an endpoint, and Canary then determines whether the resource identified by the JWT is allowed to use that endpoint. Keeping authentication and authorization separate makes the setup adaptable to many authentication scenarios.

CircleCI test and deployment of master to Heroku is also implemented.

Endpoints

All endpoints use Content-Type: application/json in the header.

| URL | METHOD | HEADER | BODY |
| --- | --- | --- | --- |
| /api/login | POST | none | { "user": { "username": "", "password": "" } } |
| /api/users | GET | none | { "user": { "username": "", "password": "" } } |
| /api/users | POST | none | { "user": { "username": "", "password": "" } } |
| /api/users/:id | PUT | authorization: jwt | { "user": { "username": "", "password": "" } } |
| /api/users/:id | DELETE | authorization: jwt | { "user": { "username": "", "password": "" } } |
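
A minimal Python model of the two-stage check described under Features, applied to the endpoint list above: the token is verified first, then a separate per-resource decision is made. This is an added illustration, not code from the project (which uses Guardian and Canary in Elixir); the secret, the `sub` claim carrying the user id, the own-record-only rule and the 401/403 statuses are assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # constructed value, not the project's key
# From the Endpoints section: only these routes require "authorization: jwt".
PROTECTED = {("PUT", "/api/users/:id"), ("DELETE", "/api/users/:id")}

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(head, body):
    return hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()

def sign(claims):
    """Issue an HS256 token, standing in for what /api/login would return."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64(_mac(head, body))}"

def authenticate(token):
    """Stage 1 (Guardian's role): claims for a valid, unexpired token, else None."""
    try:
        head, body, sig = token.split(".")
        if json.loads(_unb64(head)).get("alg") != "HS256":
            return None  # the server pins the algorithm; the token never chooses it
        if not hmac.compare_digest(_mac(head, body), _unb64(sig)):
            return None  # signature mismatch: payload was altered or key differs
        claims = json.loads(_unb64(body))
        return claims if claims.get("exp", 0) > time.time() else None
    except (AttributeError, TypeError, ValueError):
        return None  # missing or malformed token

def authorize(claims, target_id):
    """Stage 2 (Canary's role): assumed rule, a user may change only their own record."""
    return str(claims.get("sub")) == str(target_id)

def handle(method, route, target_id=None, token=None):
    """Status the two-stage check yields for a request (assumed 401/403 mapping)."""
    if (method, route) not in PROTECTED:
        return 200
    claims = authenticate(token)
    if claims is None:
        return 401
    return 200 if authorize(claims, target_id) else 403
```

A valid token for user 1 passes stage 1 on every protected route but is still refused with 403 on `/api/users/2`, which is the gap a JWT check alone leaves open.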

Installation

  • Clone the repo with git clone https://github.com/rootkc/phx-auth-api
  • Go to the directory with cd phx-auth-api
  • Install dependencies with mix deps.get
  • Create and migrate your database with mix ecto.create && mix ecto.migrate
  • Start the Phoenix endpoint with mix phx.server

Now you can visit localhost:4000/api/users from your browser to fetch all users.

Languages

Elixir 98.7%, Shell 1.3%