Let’s Build |> a Slack Clone with Elixir, Phoenix, and React (part 2— Backend Authentication)
Ben Hansen
2108

Minor bug with your refresh method in your session controller, should be:

def refresh(conn, _params) do
user = Guardian.Plug.current_resource(conn)
jwt = Guardian.Plug.current_token(conn)
case Guardian.Plug.claims(conn) do
{:ok, claims} ->
{:ok, new_jwt, _new_claims} = Guardian.refresh!(jwt, claims, %{ttl: {30, :days}})
conn
|> put_status(:ok)
|> render(Udia.Web.SessionView, "show.json", user: user, jwt: new_jwt)
{:error, _reason} ->
conn
|> put_status(:unauthorized)
|> render(Udia.Web.SessionView, "forbidden.json", error: "Not Authenticated")
end
end

This was the result of the following test case:

test "refresh session route returns unauthenticated on unauthenticated sessions", %{conn: conn} do
conn = post conn, session_path(conn, :refresh)
assert json_response(conn, 401)["error"] === "Not Authenticated"
end

Incredibly useful tutorial. Thank you!

Like what you read? Give Udia a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.