我正在使用 Guardian 构建我的第一个 Elixir 应用程序,我遇到了用户可以登录并通过身份验证的问题,但是在重定向到下一页时,conn
不再存储用户信息并Guardian.Plug.is_authenticated?
返回 false。
session_controller.ex
....
def create(conn, %{"session" => %{"email" => email, "password" => password}}) do
case PhoenixApp.Auth.authenticate_user(email, password) do
{:ok, user} ->
conn
|> PhoenixApp.Auth.login(user)
|> put_flash(:info, "Welcome back!")
|> redirect(to: "/users")
{:error, _reason} ->
conn
|> put_flash(:error, "Invalid username or password.")
|> render("new.html")
end
end
...
router.ex
...
pipeline :browser do
plug :accepts, ["html"]
plug :fetch_session
plug :fetch_flash
plug :protect_from_forgery
plug :put_secure_browser_headers
end
scope "/", PhoenixAppWeb do
pipe_through [:browser]
get "/signup", UserController, :new
get "/login", SessionController, :new
post "/login", SessionController, :create
delete "/logout/:id", SessionController, :delete
end
scope "/", PhoenixAppWeb do
# Protected routes
pipe_through [:browser, :auth]
resources "/users", UserController, except: [:new]
get "/", PageController, :index
end
# Auth pipeline
pipeline :auth do
plug(PhoenixApp.Auth.AuthAccessPipeline)
end
...
auth.ex
...
def login(conn, user) do
conn
|> Guardian.Plug.sign_in(user)
|> assign(:current_user, user)
|> IO.inspect
|> put_user_token(user)
end
...
auth_access_pipeline.ex
defmodule PhoenixApp.Auth.AuthAccessPipeline do
@moduledoc false
use Guardian.Plug.Pipeline,
otp_app: :phoenix_app,
error_handler: PhoenixApp.Auth.AuthErrorHandler
plug(Guardian.Plug.Pipeline,
module: PhoenixApp.Guardian,
error_handler: PhoenixApp.Auth.AuthErrorHandler
)
plug(Guardian.Plug.VerifySession, claims: %{"typ" => "access"})
# plug(Guardian.Plug.EnsureAuthenticated)
# plug(Guardian.Plug.LoadResource)
end
IO.inspect(conn)
from my方法为刚刚在下的密钥中登录的login
用户返回 JSONified User 结构,并且还存储带有令牌的 a。如果您检查after 重定向到,则in 分配的是并且没有。assigns
current_user
user_token
conn
/users
current_user
nil
user_token