ProcaWeb.UserAuth (proca v3.4.1)

Link to this section Summary

Functions

Authenticates the user by looking into the session and remember me token.

Logs the user out.

Used for routes that require the user to not be authenticated.

Used for routes that require the user to be authenticated.

Link to this section Functions

Link to this function

assign_current_user(conn, user)

Link to this function

auth_enabled?(atom)

Link to this function

fetch_current_user(conn, opts)

Authenticates the user by looking into the session and remember me token.

Link to this function

log_in_user(conn, user, params \\ %{})

Logs the user in.

It renews the session ID and clears the whole session to avoid fixation attacks. See the renew_session function to customize this behaviour.

It also sets a :live_socket_id key in the session, so LiveView sessions are identified and automatically disconnected on log out. The line can be safely removed if you are not using LiveView.

Link to this function

log_out_user(conn)

Logs the user out.

It clears all session data for safety. See renew_session.

Link to this function

redirect_if_sso(conn, opts)

Link to this function

redirect_if_user_is_authenticated(conn, opts)

Used for routes that require the user to not be authenticated.

Link to this function

require_authenticated_user(conn, opts)

Used for routes that require the user to be authenticated.

If you want to enforce the user email is confirmed before they use the application at all, here would be a good place.

Link to this function

sign_in_url(conn)