With my new HelloPhoenix application, I built a standard basic http user authentication with a register/login form.
Next, I tried channels. It works great. Then, I want authenticated users (and only those who are already authenticated) to be able to join some channels. According to the doc:
Clients must join a channel to send and receive PubSub events on that channel. Your channels must implement a join/3 callback that authorizes the socket for the given topic. For example, you could check if the user is allowed to join that particular room.
That sounds great, but I wonder what would be the most efficient way. I thought of returning a token (that is associated with the user's model) upon authentication, so the token is passed back to the WebSocket. The join/3 callback could verify that this token matches the one in the model.
Is it the most efficient way?