Skip to content
A Paseto (Platform Agnostic SEcurity Token) plug for Phoenix Authentication
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci
config Initial commit containing most of the scaffolding Jun 26, 2018
lib Adding exdoc and cleaning up docs a bit Jun 28, 2018
test
.credo.exs Adding credo and circleci config Jun 26, 2018
.formatter.exs
.gitignore Initial commit containing most of the scaffolding Jun 26, 2018
.tool-versions
LICENSE Adding BSD 3-clause license Aug 8, 2018
README.md
mix.exs
mix.lock Upgrading to paseto 1.3 Jun 6, 2019

README.md

CircleCI Hex.pm HexDocs

paseto_plug

A Phoenix authentication plug that validates Paseto (Platform Agnostic Security Tokens).

Installation

This package can be installed by adding paseto_plug to your list of dependencies in mix.exs:

def deps do
  [
    {:paseto_plug, "~> 0.1.0"}
  ]
end

Considerations for using this library

There are a few library/binary requirements required in order for the Paseto library to work on any computer:

  1. Erlang version >= 20.1
    • This is required because this was the first Erlang version to introduce crypto:sign/5.
  2. libsodium >= 1.0.13
  3. openssl >= 1.1
    • This is needed for XChaCha-Poly1305 used for V2.Local Paseto

Using the plug

This plug, solely, handles taking a Paseto and validating it was issued by your key(-pair). Should you need more information on generating a Paseto, take a look at my other project over here: https://github.com/GrappigPanda/paseto

So, in order to use the plug, you will need to include the following in your router.ex file.

plug PasetoPlug, key_provider: &KeyProvider.get_key/0

Moreover, you will need to write a key provider module + function. This can be as simple as the following:

defmodule KeyProvider do
  def get_key() do
    "safe_key"
  end
end

Now, whenever a request goes through, the requester will either face a 401 (if they have an invalid paseto) or your conn will have a new :claims key in the assigns map.

# You can grab it by using
conn.assigns.claims
You can’t perform that action at this time.