If you’re anything like me, you probably started to learn Elixir and wanted to skip to the shiny stuff right away. Sure there’s some basics to sift through like the data types and specific syntax elements but after that, we can finally build a distributed, scalable, performant masterpiece of an application! — Riiigt?

Granted, even if you’re a bit more of a sane person, once you get to work with Supervisor, GenServer, Agent and other modules alike, you can't help but feel that things have been simplified a lot for you. …

If you create a new Phoenix project, without using the --no-html flag, a static plug will be added to your endpoint. Because of this, a lot of people recommend to just edit that, if you want to serve static files from a subdirectory. However, this can get a bit tricky if you have data stored in different directories — or use Phoenix purely as an API.

When someone asked about this on the elixir-lang Slack, my response was:

You don’t have to edit the endpoint, though, you can just use Plug.Static in a (sub)scope in your controller.

I did get…

A cypress test. — We’ll want to do tons of these!

There are lots of articles on testing in Elixir, and probably ten times as many for each Javascript frontend framework. But what if we want to test all of it together? — Be advised that end-to-end tests do not replace unit and integration tests on either the backend or frontend, however, I think they do have their place in a good test suite for the following reasons:

  • We can test for specific user workflows that caused issues in the past to ensure these stay fixed forever.
  • Tests are almost entirely reduced to user interaction, so given a working tests setup…

Testing protected endpoints in Phoenix controllers is a topic that sparks confusion — at best, and controversy at worst — amongst a surprising lot of people. When using Guardian or other pluggable ways of authorizing requests, this behaviour has to be taken into consideration for controller tests. Multiple pull requests in the Guardian repository were working towards a solution for this, Guardian Backdoor, which has now been moved into its own repository.

While this will certainly solve this issue for Guardian users in the future, let’s explore a simple, fast approach for authorization bypassing that can be used with any…

Sven Gehring

Lead Software Engineer @René Koch AG, Ex-Core developer @Kitsu Media, Inc. and quadcopter madness enthusiast.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store