Guardian - 排除需要身份验证的路由
Guardian - exclude routes from needing authentication
目前我已经使用以下配置设置了 Guardian 身份验证:
pipeline :api do
plug :accepts, ["json"]
plug MyApp.AuthAccessPipeline
end
defmodule MyApp.AuthAccessPipeline do
use Guardian.Plug.Pipeline, otp_app: :my_app
plug Guardian.Plug.VerifySession, claims: %{"typ" => "access"}
plug Guardian.Plug.VerifyHeader, claims: %{"typ" => "access"}
plug Guardian.Plug.EnsureAuthenticated
plug Guardian.Plug.LoadResource, allow_blank: true
end
我的路线是这样设置的:
scope "/api/v1", MyAppWeb do
pipe_through :api
resources "/users", UserController, except: [:new, :edit]
post "/auth/sign_up", UserController, :sign_up
post "/auth/sign_in", UserController, :sign_in
post "/auth/forgot_password", UserController, :forgot_password
end
我如何设置此管道,以便无需身份验证即可访问 /auth/* 路由?
我可以通过像这样设置我的路线来解决这个问题:
pipeline :anonymous do
plug :accepts, ["json"]
end
pipeline :protected do
plug :accepts, ["json"]
plug MyApp.AuthAccessPipeline
end
scope "/api/v1/auth", MyAppWeb do
pipe_through :anonymous
post "/sign_up", UserController, :sign_up
post "/sign_in", UserController, :sign_in
post "/forgot_password", UserController, :forgot_password
end
scope "/api/v1", MyAppWeb do
pipe_through :protected
resources "/users", UserController, except: [:new, :edit]
end
目前我已经使用以下配置设置了 Guardian 身份验证:
pipeline :api do
plug :accepts, ["json"]
plug MyApp.AuthAccessPipeline
end
defmodule MyApp.AuthAccessPipeline do
use Guardian.Plug.Pipeline, otp_app: :my_app
plug Guardian.Plug.VerifySession, claims: %{"typ" => "access"}
plug Guardian.Plug.VerifyHeader, claims: %{"typ" => "access"}
plug Guardian.Plug.EnsureAuthenticated
plug Guardian.Plug.LoadResource, allow_blank: true
end
我的路线是这样设置的:
scope "/api/v1", MyAppWeb do
pipe_through :api
resources "/users", UserController, except: [:new, :edit]
post "/auth/sign_up", UserController, :sign_up
post "/auth/sign_in", UserController, :sign_in
post "/auth/forgot_password", UserController, :forgot_password
end
我如何设置此管道,以便无需身份验证即可访问 /auth/* 路由?
我可以通过像这样设置我的路线来解决这个问题:
pipeline :anonymous do
plug :accepts, ["json"]
end
pipeline :protected do
plug :accepts, ["json"]
plug MyApp.AuthAccessPipeline
end
scope "/api/v1/auth", MyAppWeb do
pipe_through :anonymous
post "/sign_up", UserController, :sign_up
post "/sign_in", UserController, :sign_in
post "/forgot_password", UserController, :forgot_password
end
scope "/api/v1", MyAppWeb do
pipe_through :protected
resources "/users", UserController, except: [:new, :edit]
end