DEV Community: Peter Saxton The latest articles on DEV Community by Peter Saxton (@crowdhailer). https://dev.to/crowdhailer https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F216725%2Fb6dc2476-8f49-49d1-9c6e-d28fb42d2230.jpeg DEV Community: Peter Saxton https://dev.to/crowdhailer en Ruby on Rails integration guide for passwordless authentication with DID.app Peter Saxton Wed, 01 Apr 2020 19:18:20 +0000 https://dev.to/crowdhailer/ruby-on-rails-integration-guide-for-passwordless-authentication-with-did-app-i9g https://dev.to/crowdhailer/ruby-on-rails-integration-guide-for-passwordless-authentication-with-did-app-i9g <p><em>Just want the code? see <a href="https://github.com/did-app/did-ruby/commit/73a975810e53efc9d4b54bdb8d504be51d7e0b13">this commit</a> for the complete set of changes.</em></p> <h2> What is DID.app </h2> <p><a href="https://did.app">DID.app</a> is an Identity Provider, that authenticates users by verifying access to either an email address or securely stored private key.</p> <p>This allows your users to sign in with <strong>just</strong> a single click.</p> <h3> Requirements </h3> <p>The <a href="https://guides.rubyonrails.org/getting_started.html#installing-rails">Ruby on Rails install guide</a> can help you install Rails and required dependencies.</p> <h3> New Rails project </h3> <p>Start a new Rails project.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>rails new my_app <span class="nt">--skip-active-record</span> <span class="nt">--skip-javascript</span> <span class="nb">cd </span>my_app </code></pre> </div> <p><em><code>--skip-active-record --skip-javascript</code> We don't need a database or JS bundle for this example</em></p> <p>Add Faraday to your <code>Gemfile</code> then run <code>bundle install</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="n">gem</span> <span class="s1">'faraday'</span><span class="p">,</span> <span class="s1">'~&gt; 1.0'</span><span class="p">,</span> <span class="s1">'&gt;= 1.0.1'</span> </code></pre> </div> <p><em>For this guide we will use <a href="https://rubygems.org/gems/faraday">Faraday</a> to make HTTP requests.<br> However you can replace this with your preferred client library.</em></p> <p>To finish setting up our new Rails project we will create a welcome page, using the Rails generator.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>bin/rails generate controller Welcome index </code></pre> </div> <p>Update the <code>routes.rb</code> so our new welcome page is set as the homepage for our new app.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="no">Rails</span><span class="p">.</span><span class="nf">application</span><span class="p">.</span><span class="nf">routes</span><span class="p">.</span><span class="nf">draw</span> <span class="k">do</span> <span class="n">get</span> <span class="s1">'welcome/index'</span> <span class="n">root</span> <span class="s1">'welcome#index'</span> <span class="k">end</span> </code></pre> </div> <p>You should now have a working Rails application.<br> Start it with the following command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>./bin/rails server </code></pre> </div> <p>Visit <a href="http://localhost:3000">http://localhost:3000</a> and check you see the new homepage.</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--d9IGEp4c--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://did.app/guides/ruby-on-rails-openid-connect-integration/new-rails-controller.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--d9IGEp4c--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://did.app/guides/ruby-on-rails-openid-connect-integration/new-rails-controller.png" alt="screenshot of new rails app"></a></p> <h3> Outline of Authentication Flow </h3> <p>Authenticating end users takes two steps.</p> <ol> <li>Redirect a user to DID.app with an authentication request from your application.</li> <li>Fetch user information associated with the code returned in the authentication response.</li> </ol> <h3> Redirect user to authenticate with DID.app </h3> <p>Start the authentication process by redirecting a user to the authorization endpoint.<br> The redirect must include the authentication request parameters.</p> <p>This form needs to be added to a template.<br> It is up to you where you locate your sign in button.<br> We added it to our application layout in <code>/app/views/layouts/application.html.erb</code>.<br> This ensures a user can sign in from anywhere.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight erb"><code><span class="nt">&lt;form</span> <span class="na">action=</span><span class="s">"https://auth.did.app/oidc/authorize"</span> <span class="na">method=</span><span class="s">"get"</span><span class="nt">&gt;</span> <span class="nt">&lt;input</span> <span class="na">name=</span><span class="s">"client_id"</span> <span class="na">value=</span><span class="s">"</span><span class="cp">&lt;%=</span> <span class="no">ENV</span><span class="p">[</span><span class="s2">"CLIENT_ID"</span><span class="p">]</span> <span class="cp">%&gt;</span><span class="s">"</span> <span class="na">type=</span><span class="s">"hidden"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;input</span> <span class="na">name=</span><span class="s">"redirect_uri"</span> <span class="na">value=</span><span class="s">"</span><span class="cp">&lt;%=</span> <span class="n">callback_url</span> <span class="cp">%&gt;</span><span class="s">"</span> <span class="na">type=</span><span class="s">"hidden"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;button</span> <span class="na">type=</span><span class="s">"submit"</span><span class="nt">&gt;</span>Sign in<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;/form&gt;</span> </code></pre> </div> <p>The <code>CLIENT_ID</code> is a value provided to you by DID.app that we will generate later.<br><br> The <code>callback_url</code> refers to a controller action that we will implement in the next section.</p> <h3> Create a session controller to handle authentication callback </h3> <p>Once a user has authenticated with DID.app, they will be redirected to the url that was specified in the authentication request.<br> We need to create a route to handle this.</p> <p>First add the route into <code>routes.rb</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="no">Rails</span><span class="p">.</span><span class="nf">application</span><span class="p">.</span><span class="nf">routes</span><span class="p">.</span><span class="nf">draw</span> <span class="k">do</span> <span class="c1"># Other routes</span> <span class="c1"># ...</span> <span class="n">get</span> <span class="s1">'/session/callback'</span><span class="p">,</span> <span class="ss">to: </span><span class="s1">'session#callback'</span><span class="p">,</span> <span class="ss">as: </span><span class="s1">'callback'</span> <span class="k">end</span> </code></pre> </div> <p>Create a new file for a session controller.<br> Add the following code to implement the callback route:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="nb">require</span> <span class="s1">'faraday'</span> <span class="nb">require</span> <span class="s1">'json'</span> <span class="k">class</span> <span class="nc">SessionController</span> <span class="o">&lt;</span> <span class="no">ApplicationController</span> <span class="k">def</span> <span class="nf">callback</span> <span class="n">response</span> <span class="o">=</span> <span class="no">Faraday</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span> <span class="s2">"https://auth.did.app/oidc/token"</span><span class="p">,</span> <span class="ss">client_id: </span><span class="no">ENV</span><span class="p">[</span><span class="s2">"CLIENT_ID"</span><span class="p">],</span> <span class="ss">client_secret: </span><span class="no">ENV</span><span class="p">[</span><span class="s2">"CLIENT_SECRET"</span><span class="p">],</span> <span class="ss">code: </span><span class="n">params</span><span class="p">[</span><span class="s2">"code"</span><span class="p">]</span> <span class="p">)</span> <span class="n">data</span> <span class="o">=</span> <span class="no">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="n">response</span><span class="p">.</span><span class="nf">body</span><span class="p">)</span> <span class="n">session</span><span class="p">[</span><span class="ss">:current_user_id</span><span class="p">]</span> <span class="o">=</span> <span class="n">data</span><span class="p">[</span><span class="s2">"userinfo"</span><span class="p">][</span><span class="s2">"sub"</span><span class="p">]</span> <span class="n">redirect_to</span> <span class="n">root_path</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>The redirect url back to your app will include a query parameter containing a one-time code.<br> To finish authenticating a user, this code needs to be exchanged for a token and user information.</p> <p>From this user information we extract the <code>sub</code> parameter which is short for <code>subject</code>. This parameter is a stable identifier for the user.<br> A verified email address is also returned as part of the user information.</p> <p>This request will require your <code>CLIENT_ID</code> and <code>CLIENT_SECRET</code>.<br> It is good practice to keep these values out of your source code so we are using environment variables to configure them.</p> <h3> Display Sign Out Button to Authenticated User </h3> <p>Once a user has authenticated, we no longer want to show them a sign in button.<br> Probably the most helpful thing to show instead would be a sign out button.</p> <p>Update the code added to your application layout.<br> We want to show our sign in button only if our session doesn't have a current user id.<br> If we do have a user id, and therefore an authenticated session, we should show a sign out button.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight erb"><code><span class="cp">&lt;%</span> <span class="k">if</span> <span class="n">session</span><span class="p">[</span><span class="ss">:current_user_id</span><span class="p">]</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">link_to</span> <span class="s1">'Sign out'</span><span class="p">,</span> <span class="n">sign_out_path</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%</span> <span class="k">else</span> <span class="cp">%&gt;</span> <span class="c">&lt;!-- Sign in form from earlier --&gt;</span> <span class="nt">&lt;form</span> <span class="na">action=</span><span class="s">"https://auth.did.app/oidc/authorize"</span> <span class="na">method=</span><span class="s">"get"</span><span class="nt">&gt;</span> <span class="nt">&lt;input</span> <span class="na">name=</span><span class="s">"client_id"</span> <span class="na">value=</span><span class="s">"</span><span class="cp">&lt;%=</span> <span class="no">ENV</span><span class="p">[</span><span class="s2">"CLIENT_ID"</span><span class="p">]</span> <span class="cp">%&gt;</span><span class="s">"</span> <span class="na">type=</span><span class="s">"hidden"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;input</span> <span class="na">name=</span><span class="s">"redirect_uri"</span> <span class="na">value=</span><span class="s">"</span><span class="cp">&lt;%=</span> <span class="n">callback_url</span> <span class="cp">%&gt;</span><span class="s">"</span> <span class="na">type=</span><span class="s">"hidden"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;button</span> <span class="na">type=</span><span class="s">"submit"</span><span class="nt">&gt;</span>Sign in<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;/form&gt;</span> <span class="cp">&lt;%</span> <span class="k">end</span> <span class="cp">%&gt;</span> </code></pre> </div> <h3> Create Sign Out Action </h3> <p>First add a sign out route to <code>routes.rb</code>, this action can also exist in our session controller.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="no">Rails</span><span class="p">.</span><span class="nf">application</span><span class="p">.</span><span class="nf">routes</span><span class="p">.</span><span class="nf">draw</span> <span class="k">do</span> <span class="c1"># Other routes</span> <span class="c1"># ...</span> <span class="n">get</span> <span class="s1">'/session/terminate'</span><span class="p">,</span> <span class="ss">to: </span><span class="s1">'session#terminate'</span><span class="p">,</span> <span class="ss">as: </span><span class="s1">'sign_out'</span> <span class="k">end</span> </code></pre> </div> <p>In the session controller add the route to sign out a user.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ruby"><code><span class="k">class</span> <span class="nc">SessionController</span> <span class="o">&lt;</span> <span class="no">ApplicationController</span> <span class="c1"># callback action</span> <span class="c1"># ...</span> <span class="k">def</span> <span class="nf">terminate</span> <span class="n">reset_session</span> <span class="n">redirect_to</span> <span class="n">root_path</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>Signing out a user is done by clearing the session information.</p> <h3> Get App Identifiers DID.app </h3> <p>The final step is to get a <code>CLIENT_ID</code> and <code>CLIENT_SECRET</code> for your app.<br> You will need an account, <a href="//%7B%7B%20site.auth_origin%20%7D%7D/sign_up">Sign up</a> to create one.</p> <p>After signing up, you will be directed to set up your first app.<br> <em>Because we will run on localhost we need to use test app, select test mode.</em></p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--gocj6EQE--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://did.app/guides/ruby-on-rails-openid-connect-integration/screenshot-of-did-setup.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--gocj6EQE--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://did.app/guides/ruby-on-rails-openid-connect-integration/screenshot-of-did-setup.png" alt="Screenshot of creating an app on DID"></a></p> <p>After setting the details for the app, copy the client id and secret for use in our application.</p> <h3> Try it out </h3> <p>Start Rails, passing in the required configuration as environment variables.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">CLIENT_ID</span><span class="o">=</span>test_abc <span class="nv">CLIENT_SECRET</span><span class="o">=</span>test_abcdef ./bin/rails server </code></pre> </div> <p>Visit <a href="http://localhost:3000/">localhost:3000</a>,<br> you should see your new Rails app with a shiny sign in button.</p> <p>Any problems, see <a href="https://github.com/did-app/did-ruby/commit/73a975810e53efc9d4b54bdb8d504be51d7e0b13">this commit</a> for the complete set of changes.</p> <h3> Have a question? </h3> <p>If you have any further questions contact us at <a href="//mailto:team@did.app?subject=DID-ruby%20question">team@did.app</a>.</p> tutorial webdev rails ruby Express.js integration guide for passwordless authentication with DID.app Peter Saxton Fri, 13 Mar 2020 09:46:44 +0000 https://dev.to/crowdhailer/express-js-integration-guide-for-passwordless-authentication-with-did-app-246p https://dev.to/crowdhailer/express-js-integration-guide-for-passwordless-authentication-with-did-app-246p <p><em>Just want the code? Find this example on <a href="https://github.com/did-app/did-nodejs/tree/master/examples/myapp">github</a></em></p> <h2> What is DID.app </h2> <p><a href="https://did.app">DID.app</a> is an Identity Provider, that authenticates users by verifying access to either an email address or securely stored private key.</p> <p>This allows your users to sign in with <strong>just</strong> a single click.</p> <h3> Requirements </h3> <p>This tutorial will require you to have Node.js and Express installed.</p> <ul> <li><a href="https://expressjs.com/en/starter/installing.html">Express install guide</a></li> <li><a href="https://nodejs.org/en/">Node.js install guide</a></li> </ul> <h3> New Express project </h3> <p>Use the <a href="https://expressjs.com/en/starter/generator.html">Express generator</a> to start a new project.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx express-generator <span class="nt">--view</span><span class="o">=</span>pug myapp <span class="nb">cd </span>myapp npm <span class="nb">install</span> </code></pre> </div> <p>Install <code>openid-client</code> and <code>cookie-session</code> from npm.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> <span class="nt">--save</span> openid-client cookie-session </code></pre> </div> <h3> Add sessions to the application </h3> <p>We will use <a href="https://www.npmjs.com/package/cookie-session">cookie-session</a> so that we can keep a user signed in after we have authenticated them.<br> To use it, require the module and add to the apps middleware in <code>app.js</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// other dependencies</span> <span class="kd">var</span> <span class="nx">cookieSession</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">cookie-session</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// other middleware</span> <span class="kd">var</span> <span class="p">{</span> <span class="nx">SESSION_SECRET</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">;</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="nx">cookieSession</span><span class="p">({</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">myapp</span><span class="dl">"</span><span class="p">,</span> <span class="na">secret</span><span class="p">:</span> <span class="nx">SESSION_SECRET</span> <span class="p">}));</span> </code></pre> </div> <p>It is best practise to keep your session secret out of your source code.</p> <h3> Fetch OpenID Connect configuration </h3> <p>Only routes for handing authentication will require the OpenID Configuration for DID.app.<br> Create a routes file for sessions <code>routes/session.js</code> and configure the client library.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">var</span> <span class="nx">express</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">var</span> <span class="nx">router</span> <span class="o">=</span> <span class="nx">express</span><span class="p">.</span><span class="nx">Router</span><span class="p">();</span> <span class="kd">var</span> <span class="p">{</span> <span class="nx">Issuer</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">openid-client</span><span class="dl">"</span><span class="p">);</span> <span class="kd">var</span> <span class="p">{</span> <span class="nx">CLIENT_ID</span><span class="p">,</span> <span class="nx">CLIENT_SECRET</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">;</span> <span class="kd">var</span> <span class="nx">clientPromise</span> <span class="o">=</span> <span class="nx">Issuer</span><span class="p">.</span><span class="nx">discover</span><span class="p">(</span><span class="dl">"</span><span class="s2">https://did.app</span><span class="dl">"</span><span class="p">).</span><span class="nx">then</span><span class="p">(</span><span class="kd">function</span><span class="p">(</span><span class="nx">issuer</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">Discovered issuer %s %O</span><span class="dl">"</span><span class="p">,</span> <span class="nx">issuer</span><span class="p">.</span><span class="nx">issuer</span><span class="p">,</span> <span class="nx">issuer</span><span class="p">.</span><span class="nx">metadata</span><span class="p">);</span> <span class="k">return</span> <span class="k">new</span> <span class="nx">issuer</span><span class="p">.</span><span class="nx">Client</span><span class="p">({</span> <span class="na">client_id</span><span class="p">:</span> <span class="nx">CLIENT_ID</span><span class="p">,</span> <span class="na">client_secret</span><span class="p">:</span> <span class="nx">CLIENT_SECRET</span> <span class="p">});</span> <span class="p">});</span> <span class="c1">// ...</span> </code></pre> </div> <p>The <code>client_id</code> in <code>client_secret</code> are fetched from the environment,<br> we will generate them later.</p> <h3> Create File for sign in routes </h3> <p>Signing in, or up, using the OpenID connect flow requires two endpoints.</p> <p>One endpoint redirects the user to the OpenID provider (in this case DID.app) to authenticate themselves.<br> A second callback endpoint is where the result of authenticating is handled.</p> <p>Add both of these into the session routes file.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// ...</span> <span class="nx">router</span><span class="p">.</span><span class="kd">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/authenticate</span><span class="dl">"</span><span class="p">,</span> <span class="kd">function</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="p">{</span> <span class="nx">clientPromise</span><span class="p">.</span><span class="nx">then</span><span class="p">(</span><span class="kd">function</span><span class="p">(</span><span class="nx">client</span><span class="p">)</span> <span class="p">{</span> <span class="kd">var</span> <span class="nx">authorizationUrl</span> <span class="o">=</span> <span class="nx">client</span><span class="p">.</span><span class="nx">authorizationUrl</span><span class="p">({</span> <span class="na">scope</span><span class="p">:</span> <span class="dl">"</span><span class="s2">openid</span><span class="dl">"</span><span class="p">,</span> <span class="na">redirect_uri</span><span class="p">:</span> <span class="dl">"</span><span class="s2">http://localhost:3000/session/callback</span><span class="dl">"</span> <span class="p">});</span> <span class="nx">res</span><span class="p">.</span><span class="nx">redirect</span><span class="p">(</span><span class="nx">authorizationUrl</span><span class="p">);</span> <span class="p">});</span> <span class="p">});</span> <span class="nx">router</span><span class="p">.</span><span class="kd">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/callback</span><span class="dl">"</span><span class="p">,</span> <span class="kd">function</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="p">{</span> <span class="nx">clientPromise</span> <span class="p">.</span><span class="nx">then</span><span class="p">(</span><span class="kd">function</span><span class="p">(</span><span class="nx">client</span><span class="p">)</span> <span class="p">{</span> <span class="kd">var</span> <span class="nx">params</span> <span class="o">=</span> <span class="nx">client</span><span class="p">.</span><span class="nx">callbackParams</span><span class="p">(</span><span class="nx">req</span><span class="p">);</span> <span class="k">return</span> <span class="nx">client</span><span class="p">.</span><span class="nx">callback</span><span class="p">(</span><span class="dl">"</span><span class="s2">http://localhost:3000/session/callback</span><span class="dl">"</span><span class="p">,</span> <span class="nx">params</span><span class="p">);</span> <span class="p">})</span> <span class="p">.</span><span class="nx">then</span><span class="p">(</span><span class="kd">function</span><span class="p">(</span><span class="nx">tokenSet</span><span class="p">)</span> <span class="p">{</span> <span class="kd">var</span> <span class="nx">claims</span> <span class="o">=</span> <span class="nx">tokenSet</span><span class="p">.</span><span class="nx">claims</span><span class="p">();</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="nx">claims</span><span class="p">);</span> <span class="nx">req</span><span class="p">.</span><span class="nx">session</span> <span class="o">=</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">claims</span><span class="p">.</span><span class="nx">sub</span> <span class="p">};</span> <span class="nx">res</span><span class="p">.</span><span class="nx">redirect</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> <span class="p">});</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">router</span><span class="p">;</span> </code></pre> </div> <p>Add the session routes to the express app in <code>app.js</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// other dependencies</span> <span class="kd">var</span> <span class="nx">sessionRouter</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./routes/session</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// ...</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="nx">indexRouter</span><span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/users</span><span class="dl">"</span><span class="p">,</span> <span class="nx">usersRouter</span><span class="p">);</span> <span class="c1">// new routes</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/session</span><span class="dl">"</span><span class="p">,</span> <span class="nx">sessionRouter</span><span class="p">);</span> </code></pre> </div> <h3> Display authentication status </h3> <p>Our users need a button that lets them sign in.<br> To add one to the homepage the route handler checks if there is already a user session,<br> if so we make this user id available to the view.<br> Make these changes to <code>routes/index.js</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">router</span><span class="p">.</span><span class="kd">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="kd">function</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="p">{</span> <span class="kd">var</span> <span class="nx">session</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">session</span> <span class="o">||</span> <span class="p">{};</span> <span class="nx">res</span><span class="p">.</span><span class="nx">render</span><span class="p">(</span><span class="dl">"</span><span class="s2">index</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">title</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Express</span><span class="dl">"</span><span class="p">,</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">session</span><span class="p">.</span><span class="nx">userId</span> <span class="p">});</span> <span class="p">});</span> </code></pre> </div> <p>In the view we use the user id to show them some information about them, or if no user a sign in button this code to show a button<br> Add this snippet into <code>views/index.pug</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>if userId span User ID #{userId} else a.button.action(href='/session/authenticate') Sign in </code></pre> </div> <h3> Setup the App on DID </h3> <p>You will need a DID account. <a href="https://auth.did.app">Sign up</a> to create one now.</p> <p>After signing up, you will be directed to set up your first app.<br> <em>Because we will run on localhost we need to use test app, select test mode.</em></p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--qB8FbdcU--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://did.app/guides/express-nodejs-openid-connect-integration/screenshot.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--qB8FbdcU--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://did.app/guides/express-nodejs-openid-connect-integration/screenshot.png" alt="Screenshot of creating an app on DID"></a></p> <p>After setting the details for the app, copy the client id and secret for use in our application.</p> <h3> Try it out </h3> <p>Start Express, passing in the required configuration as environment variables.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">CLIENT_ID</span><span class="o">=</span>test_abc <span class="nv">CLIENT_SECRET</span><span class="o">=</span>test_abcdef <span class="nv">SESSION_SECRET</span><span class="o">=</span>somesecret npm start </code></pre> </div> <p>Visit <a href="http://localhost:3000/">localhost:3000</a>,<br> you should see your new Express app with a shiny sign in button.</p> <p>Any problems, see <a href="https://github.com/did-app/did-nodejs/commit/e1bda6971b5e4b3b19655c8f915860107cbdc061">this commit</a> for the complete set of changes.</p> <h3> Have a question? </h3> <p>If you have any further questions contact us at <a href="//mailto:team@did.app?subject=DID-Nodejs%20question">team@did.app</a>.</p> tutorial node javascript webdev Adding DID authentication to a Phoenix web app Peter Saxton Thu, 05 Mar 2020 13:01:26 +0000 https://dev.to/crowdhailer/adding-did-authentication-to-a-phoenix-web-app-18ec https://dev.to/crowdhailer/adding-did-authentication-to-a-phoenix-web-app-18ec <p>Just want the code? Find this example on <a href="https://github.com/did-app/did-elixir/tree/master/examples/elixir-phoenix-openid-connect">github</a></p> <h3> What is DID.app </h3> <p><a href="https://did.app">DID</a> is an Identity Provider, that authenticates users by verifying access to either an email address or securely stored private key.</p> <p>This gives users the ability to sign in with a single click without being tracked by the social login providers.</p> <p>It gives developers the ability to offer a modern authentication without having to handle validating signatures, recovering accounts from lost devices or verifying user email addresses.</p> <h3> Requirements </h3> <p>The <a href="https://hexdocs.pm/phoenix/installation.html#content">Phoenix install guide</a> can help you install Phoenix and Elixir.</p> <h3> New Phoenix project </h3> <p>Start a new Phoenix project.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>mix phx.new my_app <span class="nt">--no-ecto</span> <span class="nt">--no-webpack</span> <span class="nb">cd </span>my_app </code></pre> </div> <p><em><code>--no-ecto --no-webpack</code> We don't need a database or JS bundle for this example</em></p> <p>Add the <code>openid_connect</code> package to <code>mix.exs</code>. Don't forget to run <code>mix deps.get</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">defp</span> <span class="n">deps</span> <span class="k">do</span> <span class="p">[</span> <span class="p">{</span><span class="ss">:openid_connect</span><span class="p">,</span> <span class="s2">"~&gt; 0.2.2"</span><span class="p">}</span> <span class="p">]</span> <span class="k">end</span> </code></pre> </div> <h3> Supervise the OpenID Connect worker </h3> <p>Add <code>OpenIDConnect.Worker</code> to list of children in <code>lib/my_app/application.ex</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="kn">use</span> <span class="no">Application</span> <span class="k">def</span> <span class="n">start</span><span class="p">(</span><span class="n">_type</span><span class="p">,</span> <span class="n">_args</span><span class="p">)</span> <span class="k">do</span> <span class="n">children</span> <span class="o">=</span> <span class="p">[</span> <span class="p">{</span><span class="no">OpenIDConnect</span><span class="o">.</span><span class="no">Worker</span><span class="p">,</span> <span class="ss">did:</span> <span class="n">did_config</span><span class="p">()},</span> <span class="c1"># ...</span> <span class="p">]</span> <span class="n">opts</span> <span class="o">=</span> <span class="p">[</span><span class="ss">strategy:</span> <span class="ss">:one_for_one</span><span class="p">,</span> <span class="ss">name:</span> <span class="no">MyApp</span><span class="o">.</span><span class="no">Supervisor</span><span class="p">]</span> <span class="no">Supervisor</span><span class="o">.</span><span class="n">start_link</span><span class="p">(</span><span class="n">children</span><span class="p">,</span> <span class="n">opts</span><span class="p">)</span> <span class="k">end</span> <span class="k">defp</span> <span class="n">did_config</span><span class="p">()</span> <span class="k">do</span> <span class="n">client_id</span> <span class="o">=</span> <span class="no">System</span><span class="o">.</span><span class="n">get_env</span><span class="p">(</span><span class="s2">"CLIENT_ID"</span><span class="p">)</span> <span class="n">client_secret</span> <span class="o">=</span> <span class="no">System</span><span class="o">.</span><span class="n">get_env</span><span class="p">(</span><span class="s2">"CLIENT_SECRET"</span><span class="p">)</span> <span class="p">[</span> <span class="ss">discovery_document_uri:</span> <span class="s2">"https://did.app/.well-known/openid-configuration"</span><span class="p">,</span> <span class="ss">client_id:</span> <span class="n">client_id</span><span class="p">,</span> <span class="ss">client_secret:</span> <span class="n">client_secret</span><span class="p">,</span> <span class="ss">redirect_uri:</span> <span class="s2">"http://localhost:4000/session/callback"</span><span class="p">,</span> <span class="ss">response_type:</span> <span class="s2">"code"</span><span class="p">,</span> <span class="ss">scope:</span> <span class="s2">"openid"</span> <span class="p">]</span> <span class="k">end</span> </code></pre> </div> <p>These are the appropriate OpenID Connect options for a server rendered application.<br> The <code>client_id</code> and <code>client_secret</code> will be provided by DID when you create an application.</p> <h3> Create sign in actions </h3> <p>Signing in, or up, using the OpenID connect flow requires two endpoints.</p> <p>One endpoint redirects the user to the OpenID provider (in this case DID.app) to authenticate themselves.<br> A second callback endpoint is where the result of authenticating is handled.</p> <p>We will add both of these in a session controller.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">defmodule</span> <span class="no">MyAppWeb</span><span class="o">.</span><span class="no">SessionController</span> <span class="k">do</span> <span class="kn">use</span> <span class="no">MyAppWeb</span><span class="p">,</span> <span class="ss">:controller</span> <span class="k">def</span> <span class="n">authenticate</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="n">_params</span><span class="p">)</span> <span class="k">do</span> <span class="n">conn</span> <span class="o">|&gt;</span> <span class="n">redirect</span><span class="p">(</span><span class="ss">external:</span> <span class="no">OpenIDConnect</span><span class="o">.</span><span class="n">authorization_uri</span><span class="p">(</span><span class="ss">:did</span><span class="p">))</span> <span class="k">end</span> <span class="k">def</span> <span class="n">callback</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="p">%{</span><span class="s2">"code"</span> <span class="o">=&gt;</span> <span class="n">code</span><span class="p">})</span> <span class="k">do</span> <span class="p">{</span><span class="ss">:ok</span><span class="p">,</span> <span class="n">tokens</span><span class="p">}</span> <span class="o">=</span> <span class="no">OpenIDConnect</span><span class="o">.</span><span class="n">fetch_tokens</span><span class="p">(</span><span class="ss">:did</span><span class="p">,</span> <span class="p">%{</span><span class="ss">code:</span> <span class="n">code</span><span class="p">})</span> <span class="p">{</span><span class="ss">:ok</span><span class="p">,</span> <span class="n">claims</span><span class="p">}</span> <span class="o">=</span> <span class="no">OpenIDConnect</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="ss">:did</span><span class="p">,</span> <span class="n">tokens</span><span class="p">[</span><span class="s2">"id_token"</span><span class="p">])</span> <span class="n">user_id</span> <span class="o">=</span> <span class="n">claims</span><span class="p">[</span><span class="s2">"sub"</span><span class="p">]</span> <span class="n">conn</span> <span class="o">|&gt;</span> <span class="n">put_session</span><span class="p">(</span><span class="ss">:user_id</span><span class="p">,</span> <span class="n">user_id</span><span class="p">)</span> <span class="o">|&gt;</span> <span class="n">redirect</span><span class="p">(</span><span class="ss">to:</span> <span class="s2">"/"</span><span class="p">)</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>Both of these actions need to be added to the router.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="n">scope</span> <span class="s2">"/"</span><span class="p">,</span> <span class="no">MyAppWeb</span> <span class="k">do</span> <span class="n">pipe_through</span> <span class="ss">:browser</span> <span class="n">get</span> <span class="s2">"/session/authenticate"</span><span class="p">,</span> <span class="no">SessionController</span><span class="p">,</span> <span class="ss">:authenticate</span> <span class="n">get</span> <span class="s2">"/session/callback"</span><span class="p">,</span> <span class="no">SessionController</span><span class="p">,</span> <span class="ss">:callback</span> <span class="k">end</span> </code></pre> </div> <h3> Display status to the user </h3> <p>To let our guest users sign in from any page we will add a button to the app layout.</p> <p>Edit the template in <code>lib/my_notes_web/templates/layout/app.html.eex</code> with the new code.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight eex"><code><span class="cp">&lt;%=</span> <span class="k">if</span> <span class="no">Plug</span><span class="o">.</span><span class="no">Conn</span><span class="o">.</span><span class="n">get_session</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:user_id</span><span class="p">)</span> <span class="k">do</span> <span class="cp">%&gt;</span> <span class="c">&lt;!-- show the user something about their account --&gt;</span> <span class="cp">&lt;%</span> <span class="k">else</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Sign in"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">session_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:authenticate</span><span class="p">),</span> <span class="ss">class:</span> <span class="s2">"button"</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%</span> <span class="k">end</span> <span class="cp">%&gt;</span> </code></pre> </div> <h3> Setup the App on DID </h3> <p>You will need a DID account. <a href="https://auth.did.app">Sign up</a> to create one now.</p> <p>After signing up, you will be directed to set up your first app.<br> <em>Because we will run on localhost we need to use test app, select test mode.</em></p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--vLV58cTQ--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://did.app/assets/images/create-app-screenshot.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--vLV58cTQ--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://did.app/assets/images/create-app-screenshot.png" alt="Screenshot of creating an app on DID"></a></p> <p>After setting the details for the app, copy the client id and secret for use in our application.</p> <h3> Try it out </h3> <p>Start Phoenix, passing in the required configuration as environment variables.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">CLIENT_ID</span><span class="o">=</span>test_abc <span class="nv">CLIENT_SECRET</span><span class="o">=</span>test_abcdef mix phx.server </code></pre> </div> <p>Visit <a href="http://localhost:4000/">localhost:4000</a>,<br> you should see your new Phoenix app with a shiny sign in button.</p> <p>Any problems, see <a href="https://github.com/did-app/did-elixir/commit/654a39d697efc551c725e8871b5b4fee1b8bd63c">this commit</a> for the complete set of changes.</p> <h3> Have a question? </h3> <p>If you have any further questions contact me at <a href="//mailto:peter@did.app?subject=DID-Elixir%20question">peter@did.app</a>.</p> elixir phoenix webdev guide Phoenix and Elixir integration guide for passwordless authentication with Kno Peter Saxton Thu, 31 Oct 2019 13:51:30 +0000 https://dev.to/crowdhailer/phoenix-and-elixir-integration-guide-for-passwordless-authentication-with-kno-2m2j https://dev.to/crowdhailer/phoenix-and-elixir-integration-guide-for-passwordless-authentication-with-kno-2m2j <p><strong>EDIT: Kno has changed direction and is now <a href="https://did.app">DID</a></strong></p> <p><em>This guide requires Phoenix and Elixir.<br> The <a href="https://hexdocs.pm/phoenix/installation.html#content">Phoenix install guide</a> can help you get both of these set up.</em></p> <h2> Setup project </h2> <p>We are going to build a note taking app called <code>my_notes</code>.<br> <a href="https://trykno.com">Kno</a> will allow us to authenticate users and protect their notes.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>mix phx.new my_notes <span class="nt">--no-webpack</span> <span class="nb">cd </span>my_notes </code></pre> </div> <p>Open up <code>mix.exs</code> and add HTTPoison and Jason as dependencies.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">defp</span> <span class="n">deps</span> <span class="k">do</span> <span class="p">[</span> <span class="c1"># existing dependencies</span> <span class="p">{</span><span class="ss">:jason</span><span class="p">,</span> <span class="s2">"~&gt; 1.1"</span><span class="p">},</span> <span class="p">{</span><span class="ss">:httpoison</span><span class="p">,</span> <span class="s2">"~&gt; 1.6"</span><span class="p">},</span> <span class="p">]</span> <span class="k">end</span> </code></pre> </div> <p>Then run <code>mix deps.get</code> to pull the new dependencies.</p> <h2> Configure API and site tokens </h2> <p>Next configure the tokens associated without your application.<br> Add the following code to <code>config/dev.exs</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="n">config</span> <span class="ss">:my_notes</span><span class="p">,</span> <span class="ss">kno_site_token:</span> <span class="s2">"site_UITYJw8kQJilzVnux5VOPw"</span><span class="p">,</span> <span class="ss">kno_api_token:</span> <span class="s2">"API_AAAAAgDOxdmUqKpE9rw82Jj0Y6DM"</span> </code></pre> </div> <p><em>For production you will have keys unique to your application.<br> However you can use the tokens in this example as long as your example is running from localhost.</em></p> <p><strong>Please note that emails will be sent so you can test.<br> Ensure you use real email addresses so you do not get blocked from using these credentials for local development</strong></p> <h2> Display sign in/out buttons </h2> <p>Add the following code to <code>lib/my_notes_web/templates/layout/app.html.eex</code>, so that a user can sign in or out from any page.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight eex"><code><span class="cp">&lt;%=</span> <span class="k">if</span> <span class="n">authenticated?</span><span class="p">(</span><span class="nv">@conn</span><span class="p">)</span> <span class="k">do</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Sign out"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">session_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:sign_out</span><span class="p">)</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%</span> <span class="k">else</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">form_for</span> <span class="nv">@conn</span><span class="p">,</span> <span class="no">Routes</span><span class="o">.</span><span class="n">session_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:sign_in</span><span class="p">),</span> <span class="k">fn</span> <span class="n">_form</span> <span class="o">-&gt;</span> <span class="cp">%&gt;</span> <span class="nt">&lt;script </span><span class="na">src=</span><span class="s">"https://trykno.app/pass.js"</span> <span class="na">data-site=</span><span class="s">"</span><span class="cp">&lt;%=</span> <span class="no">Application</span><span class="o">.</span><span class="n">get_env</span><span class="p">(</span><span class="ss">:my_notes</span><span class="p">,</span> <span class="ss">:kno_site_token</span><span class="p">)</span> <span class="cp">%&gt;</span><span class="s">"</span><span class="nt">&gt;</span> <span class="nt">&lt;/script&gt;</span> <span class="cp">&lt;%=</span> <span class="n">submit</span> <span class="s2">"Sign in"</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%</span> <span class="k">end</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%</span> <span class="k">end</span> <span class="cp">%&gt;</span> </code></pre> </div> <p>The <code>authenticated?</code> function is a helper that we define later.</p> <p>For authenticated users a link to sign out is shown.<br> This link points to the <code>:sign_out</code> action found on the <code>MyNotesWeb.Session</code> controller.</p> <p>Authenticated users see a button that will start the process of signing in.</p> <p>Here we are using the <a href="https://trykno.com/docs/#kno-now">simple Kno integration</a> as it is the fastest way to get started.<br> When the form is submitted, a sign in overlay is shown. Once the client has been authenticated by token is added to a <strong>knoToken</strong> field in the form.<br> This form, and the <strong>knoToken</strong>, are submitted to the<code>:sign_in</code> action on the <code>MyNotesWeb.Session</code> controller.</p> <h3> Define the authenticated? helper. </h3> <p>The helper function, used to tell if our user is authenticated, is defined in <code>lib/my_notes_web/views/layout_view.ex</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">def</span> <span class="n">authenticated?</span><span class="p">(</span><span class="n">conn</span><span class="p">)</span> <span class="k">do</span> <span class="k">case</span> <span class="no">Plug</span><span class="o">.</span><span class="no">Conn</span><span class="o">.</span><span class="n">get_session</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="ss">:persona_id</span><span class="p">)</span> <span class="k">do</span> <span class="n">persona_id</span> <span class="ow">when</span> <span class="n">is_binary</span><span class="p">(</span><span class="n">persona_id</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="no">true</span> <span class="no">nil</span> <span class="o">-&gt;</span> <span class="no">false</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <h2> Handle sign in/out actions </h2> <p>In <code>lib/my_notes_web/router.ex</code> add the two routes to the top level <code>"/"</code> scope pointing to a <code>SessionController</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="n">scope</span> <span class="s2">"/"</span><span class="p">,</span> <span class="no">HelloWeb</span> <span class="k">do</span> <span class="n">pipe_through</span> <span class="ss">:browser</span> <span class="n">get</span> <span class="s2">"/"</span><span class="p">,</span> <span class="no">PageController</span><span class="p">,</span> <span class="ss">:index</span> <span class="n">post</span> <span class="s2">"/sign-in"</span><span class="p">,</span> <span class="no">SessionController</span><span class="p">,</span> <span class="ss">:sign_in</span> <span class="n">get</span> <span class="s2">"/sign-out"</span><span class="p">,</span> <span class="no">SessionController</span><span class="p">,</span> <span class="ss">:sign_out</span> <span class="k">end</span> </code></pre> </div> <p>Create a session controller to handle updating the users session when a user signs in or out.<br> Add to <code>lib/my_notes_web/controllers/session_controller.ex</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">defmodule</span> <span class="no">MyNotesWeb</span><span class="o">.</span><span class="no">SessionController</span> <span class="k">do</span> <span class="kn">use</span> <span class="no">MyNotesWeb</span><span class="p">,</span> <span class="ss">:controller</span> <span class="k">def</span> <span class="n">sign_in</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="p">%{</span><span class="s2">"knoToken"</span> <span class="o">=&gt;</span> <span class="n">token</span><span class="p">})</span> <span class="k">do</span> <span class="n">persona_id</span> <span class="o">=</span> <span class="n">verify_token!</span><span class="p">(</span><span class="n">token</span><span class="p">)</span> <span class="n">conn</span> <span class="o">|&gt;</span> <span class="n">put_session</span><span class="p">(</span><span class="ss">:persona_id</span><span class="p">,</span> <span class="n">persona_id</span><span class="p">)</span> <span class="o">|&gt;</span> <span class="n">redirect</span><span class="p">(</span><span class="ss">to:</span> <span class="s2">"/notes"</span><span class="p">)</span> <span class="k">end</span> <span class="k">def</span> <span class="n">sign_out</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="n">_params</span><span class="p">)</span> <span class="k">do</span> <span class="n">conn</span> <span class="o">|&gt;</span> <span class="n">clear_session</span><span class="p">()</span> <span class="o">|&gt;</span> <span class="n">redirect</span><span class="p">(</span><span class="ss">to:</span> <span class="s2">"/"</span><span class="p">)</span> <span class="k">end</span> <span class="k">defp</span> <span class="n">verify_token!</span><span class="p">(</span><span class="n">token</span><span class="p">)</span> <span class="k">do</span> <span class="n">api_token</span> <span class="o">=</span> <span class="no">Application</span><span class="o">.</span><span class="n">get_env</span><span class="p">(</span><span class="ss">:my_notes</span><span class="p">,</span> <span class="ss">:kno_api_token</span><span class="p">)</span> <span class="n">url</span> <span class="o">=</span> <span class="s2">"https://api.trykno.app/v0/authenticate"</span> <span class="n">headers</span> <span class="o">=</span> <span class="p">[</span> <span class="p">{</span><span class="s2">"authorization"</span><span class="p">,</span> <span class="s2">"Basic </span><span class="si">#{</span><span class="no">Base</span><span class="o">.</span><span class="n">encode64</span><span class="p">(</span><span class="n">api_token</span> <span class="o">&lt;&gt;</span> <span class="s2">":"</span><span class="p">)</span><span class="si">}</span><span class="s2">"</span><span class="p">},</span> <span class="p">{</span><span class="s2">"content-type"</span><span class="p">,</span> <span class="s2">"application/json"</span><span class="p">}</span> <span class="p">]</span> <span class="n">body</span> <span class="o">=</span> <span class="no">Jason</span><span class="o">.</span><span class="n">encode!</span><span class="p">(%{</span><span class="ss">token:</span> <span class="n">token</span><span class="p">})</span> <span class="p">%{</span><span class="ss">status_code:</span> <span class="mi">200</span><span class="p">,</span> <span class="ss">body:</span> <span class="n">response_body</span><span class="p">}</span> <span class="o">=</span> <span class="no">HTTPoison</span><span class="o">.</span><span class="n">post!</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">body</span><span class="p">,</span> <span class="n">headers</span><span class="p">)</span> <span class="p">%{</span><span class="s2">"persona"</span> <span class="o">=&gt;</span> <span class="p">%{</span><span class="s2">"id"</span> <span class="o">=&gt;</span> <span class="n">persona_id</span><span class="p">}}</span> <span class="o">=</span> <span class="no">Jason</span><span class="o">.</span><span class="n">decode!</span><span class="p">(</span><span class="n">response_body</span><span class="p">)</span> <span class="n">persona_id</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>The <code>verify_token</code> function makes a single API call to upgrade the token submitted from the client to the persona information.<br> The information returned from this call identifies a persona specific to your application rather than sensitive user data.<br> For this guide the difference between a persona and user is not important.</p> <p>Once authenticated, the session controller adds the persona_id to the session.</p> <h2> Try out sign in/out </h2> <p>At this point you should be able to start you application.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>mix phx.server </code></pre> </div> <p>visit <a href="http://localhost:4000">localhost:4000</a> and try signing in and out.<br> At this point our application can't do any more than this.</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--ZrcCmIGy--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/ujvmv0zhqq5wxo2dr0py.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--ZrcCmIGy--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/ujvmv0zhqq5wxo2dr0py.png" alt="screenshot of the sign in page"></a></p> <h2> Saving notes in the database </h2> <p>Now is the time to add some notes to our notes application.<br> Add a migration to create a notes table so that the application can save notes in the database.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>mix ecto.gen.migration create_notes </code></pre> </div> <p>In the generated file at <code>/priv/repo/migrations/[timestamp]_create_notes.exs</code> create a table for notes with a title content persona_id and timestamps.<br> The timestamps are used so a user can see the notes in the order they created them.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">defmodule</span> <span class="no">MyNotes</span><span class="o">.</span><span class="no">Repo</span><span class="o">.</span><span class="no">Migrations</span><span class="o">.</span><span class="no">CreateNotes</span> <span class="k">do</span> <span class="kn">use</span> <span class="no">Ecto</span><span class="o">.</span><span class="no">Migration</span> <span class="k">def</span> <span class="n">change</span> <span class="k">do</span> <span class="n">create</span> <span class="n">table</span><span class="p">(</span><span class="ss">:notes</span><span class="p">)</span> <span class="k">do</span> <span class="n">add</span> <span class="ss">:persona_id</span><span class="p">,</span> <span class="ss">:binary_id</span><span class="p">,</span> <span class="ss">null:</span> <span class="no">false</span> <span class="n">add</span> <span class="ss">:title</span><span class="p">,</span> <span class="ss">:text</span><span class="p">,</span> <span class="ss">null:</span> <span class="no">false</span> <span class="n">add</span> <span class="ss">:content</span><span class="p">,</span> <span class="ss">:text</span><span class="p">,</span> <span class="ss">null:</span> <span class="no">false</span> <span class="n">timestamps</span><span class="p">(</span><span class="ss">type:</span> <span class="ss">:utc_datetime</span><span class="p">)</span> <span class="k">end</span> <span class="n">create</span> <span class="n">index</span><span class="p">(</span><span class="ss">:notes</span><span class="p">,</span> <span class="ss">:persona_id</span><span class="p">)</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>Then run <code>mix ecto.migrate</code> to apply the migration to your database.<br> Before running this for the first time you will need to run <code>mix ecto.create</code>.</p> <p>Create the file <code>lib/my_notes/note.ex</code> in which we will add the Ecto model for accessing notes in the database.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">defmodule</span> <span class="no">MyNotes</span><span class="o">.</span><span class="no">Note</span> <span class="k">do</span> <span class="kn">use</span> <span class="no">Ecto</span><span class="o">.</span><span class="no">Schema</span> <span class="n">schema</span> <span class="s2">"notes"</span> <span class="k">do</span> <span class="n">field</span> <span class="ss">:persona_id</span><span class="p">,</span> <span class="ss">:binary_id</span> <span class="n">field</span> <span class="ss">:title</span><span class="p">,</span> <span class="ss">:string</span> <span class="n">field</span> <span class="ss">:content</span><span class="p">,</span> <span class="ss">:string</span> <span class="n">timestamps</span><span class="p">(</span><span class="ss">type:</span> <span class="ss">:utc_datetime</span><span class="p">)</span> <span class="k">end</span> <span class="k">def</span> <span class="n">changeset</span><span class="p">(</span><span class="n">note</span><span class="p">,</span> <span class="n">attrs</span><span class="p">)</span> <span class="k">do</span> <span class="kn">import</span> <span class="no">Ecto</span><span class="o">.</span><span class="no">Changeset</span> <span class="n">note</span> <span class="o">|&gt;</span> <span class="n">cast</span><span class="p">(</span><span class="n">attrs</span><span class="p">,</span> <span class="p">[</span><span class="ss">:title</span><span class="p">,</span> <span class="ss">:content</span><span class="p">])</span> <span class="o">|&gt;</span> <span class="n">validate_required</span><span class="p">([</span><span class="ss">:title</span><span class="p">,</span> <span class="ss">:content</span><span class="p">])</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>Add the logic for managing notes to <code>lib/my_notes.ex</code> so that we can use a clean interface to the core logic from a notes controller.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">defmodule</span> <span class="no">MyNotes</span> <span class="k">do</span> <span class="kn">import</span> <span class="no">Ecto</span><span class="o">.</span><span class="no">Query</span><span class="p">,</span> <span class="ss">warn:</span> <span class="no">false</span> <span class="n">alias</span> <span class="no">MyNotes</span><span class="o">.</span><span class="no">Note</span> <span class="n">alias</span> <span class="no">MyNotes</span><span class="o">.</span><span class="no">Repo</span> <span class="nv">@doc</span> <span class="sd">""" Returns the list of notes for a given persona id. """</span> <span class="k">def</span> <span class="n">list_notes</span><span class="p">(</span><span class="n">persona_id</span><span class="p">)</span> <span class="ow">when</span> <span class="n">is_binary</span><span class="p">(</span><span class="n">persona_id</span><span class="p">)</span> <span class="k">do</span> <span class="n">from</span><span class="p">(</span><span class="n">n</span> <span class="ow">in</span> <span class="no">Note</span><span class="p">,</span> <span class="ss">where:</span> <span class="n">n</span><span class="o">.</span><span class="n">persona_id</span> <span class="o">==</span> <span class="o">^</span><span class="n">persona_id</span><span class="p">,</span> <span class="ss">order_by:</span> <span class="ss">:inserted_at</span><span class="p">)</span> <span class="o">|&gt;</span> <span class="no">Repo</span><span class="o">.</span><span class="n">all</span><span class="p">()</span> <span class="k">end</span> <span class="nv">@doc</span> <span class="sd">""" Gets a single note owned by a persona. """</span> <span class="k">def</span> <span class="n">get_note!</span><span class="p">(</span><span class="n">id</span><span class="p">,</span> <span class="n">persona_id</span><span class="p">),</span> <span class="k">do</span><span class="p">:</span> <span class="no">Repo</span><span class="o">.</span><span class="n">get_by!</span><span class="p">(</span><span class="no">Note</span><span class="p">,</span> <span class="ss">id:</span> <span class="n">id</span><span class="p">,</span> <span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">)</span> <span class="nv">@doc</span> <span class="sd">""" Creates a note for a persona. """</span> <span class="k">def</span> <span class="n">create_note</span><span class="p">(</span><span class="n">attrs</span><span class="p">,</span> <span class="n">persona_id</span><span class="p">)</span> <span class="k">do</span> <span class="p">%</span><span class="no">Note</span><span class="p">{</span><span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">}</span> <span class="o">|&gt;</span> <span class="no">Note</span><span class="o">.</span><span class="n">changeset</span><span class="p">(</span><span class="n">attrs</span><span class="p">)</span> <span class="o">|&gt;</span> <span class="no">Repo</span><span class="o">.</span><span class="n">insert</span><span class="p">()</span> <span class="k">end</span> <span class="nv">@doc</span> <span class="sd">""" Updates an existing note. """</span> <span class="k">def</span> <span class="n">update_note</span><span class="p">(%</span><span class="no">Note</span><span class="p">{}</span> <span class="o">=</span> <span class="n">note</span><span class="p">,</span> <span class="n">attrs</span><span class="p">)</span> <span class="k">do</span> <span class="n">note</span> <span class="o">|&gt;</span> <span class="no">Note</span><span class="o">.</span><span class="n">changeset</span><span class="p">(</span><span class="n">attrs</span><span class="p">)</span> <span class="o">|&gt;</span> <span class="no">Repo</span><span class="o">.</span><span class="n">update</span><span class="p">()</span> <span class="k">end</span> <span class="nv">@doc</span> <span class="sd">""" Deletes a Note. """</span> <span class="k">def</span> <span class="n">delete_note</span><span class="p">(%</span><span class="no">Note</span><span class="p">{}</span> <span class="o">=</span> <span class="n">note</span><span class="p">)</span> <span class="k">do</span> <span class="no">Repo</span><span class="o">.</span><span class="n">delete</span><span class="p">(</span><span class="n">note</span><span class="p">)</span> <span class="k">end</span> <span class="nv">@doc</span> <span class="sd">""" Returns an `%Ecto.Changeset{}` for tracking note changes. """</span> <span class="k">def</span> <span class="n">change_note</span><span class="p">(%</span><span class="no">Note</span><span class="p">{}</span> <span class="o">=</span> <span class="n">note</span><span class="p">)</span> <span class="k">do</span> <span class="no">Note</span><span class="o">.</span><span class="n">changeset</span><span class="p">(</span><span class="n">note</span><span class="p">,</span> <span class="p">%{})</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>Once a user has signed in they can Create Read Update &amp; Delete (CRUD) notes that belong to them.<br> The <code>MyNotes</code> module provides an interface for all these actions.</p> <h2> Create a notes controller and views </h2> <p>Now it's time to create a controller for users to work with their notes.<br> This will live in <code>lib/my_notes_web/controllers/note_controller.ex</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">defmodule</span> <span class="no">MyNotesWeb</span><span class="o">.</span><span class="no">NoteController</span> <span class="k">do</span> <span class="kn">use</span> <span class="no">MyNotesWeb</span><span class="p">,</span> <span class="ss">:controller</span> <span class="k">def</span> <span class="n">index</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="n">_params</span><span class="p">)</span> <span class="k">do</span> <span class="p">%{</span><span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">}</span> <span class="o">=</span> <span class="n">conn</span><span class="o">.</span><span class="n">assigns</span> <span class="n">notes</span> <span class="o">=</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">list_notes</span><span class="p">(</span><span class="n">persona_id</span><span class="p">)</span> <span class="n">render</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="s2">"index.html"</span><span class="p">,</span> <span class="ss">notes:</span> <span class="n">notes</span><span class="p">)</span> <span class="k">end</span> <span class="k">def</span> <span class="n">new</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="n">_params</span><span class="p">)</span> <span class="k">do</span> <span class="p">%{</span><span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">}</span> <span class="o">=</span> <span class="n">conn</span><span class="o">.</span><span class="n">assigns</span> <span class="n">changeset</span> <span class="o">=</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">change_note</span><span class="p">(%</span><span class="no">MyNotes</span><span class="o">.</span><span class="no">Note</span><span class="p">{</span><span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">})</span> <span class="n">render</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="s2">"new.html"</span><span class="p">,</span> <span class="ss">changeset:</span> <span class="n">changeset</span><span class="p">)</span> <span class="k">end</span> <span class="k">def</span> <span class="n">create</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="p">%{</span><span class="s2">"note"</span> <span class="o">=&gt;</span> <span class="n">note_params</span><span class="p">})</span> <span class="k">do</span> <span class="p">%{</span><span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">}</span> <span class="o">=</span> <span class="n">conn</span><span class="o">.</span><span class="n">assigns</span> <span class="k">case</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">create_note</span><span class="p">(</span><span class="n">note_params</span><span class="p">,</span> <span class="n">persona_id</span><span class="p">)</span> <span class="k">do</span> <span class="p">{</span><span class="ss">:ok</span><span class="p">,</span> <span class="n">note</span><span class="p">}</span> <span class="o">-&gt;</span> <span class="n">conn</span> <span class="o">|&gt;</span> <span class="n">put_flash</span><span class="p">(</span><span class="ss">:info</span><span class="p">,</span> <span class="s2">"Note created successfully."</span><span class="p">)</span> <span class="o">|&gt;</span> <span class="n">redirect</span><span class="p">(</span><span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="ss">:show</span><span class="p">,</span> <span class="n">note</span><span class="p">))</span> <span class="p">{</span><span class="ss">:error</span><span class="p">,</span> <span class="p">%</span><span class="no">Ecto</span><span class="o">.</span><span class="no">Changeset</span><span class="p">{}</span> <span class="o">=</span> <span class="n">changeset</span><span class="p">}</span> <span class="o">-&gt;</span> <span class="n">render</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="s2">"new.html"</span><span class="p">,</span> <span class="ss">changeset:</span> <span class="n">changeset</span><span class="p">)</span> <span class="k">end</span> <span class="k">end</span> <span class="k">def</span> <span class="n">show</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="p">%{</span><span class="s2">"id"</span> <span class="o">=&gt;</span> <span class="n">id</span><span class="p">})</span> <span class="k">do</span> <span class="p">%{</span><span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">}</span> <span class="o">=</span> <span class="n">conn</span><span class="o">.</span><span class="n">assigns</span> <span class="n">note</span> <span class="o">=</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">get_note!</span><span class="p">(</span><span class="n">id</span><span class="p">,</span> <span class="n">persona_id</span><span class="p">)</span> <span class="n">render</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="s2">"show.html"</span><span class="p">,</span> <span class="ss">note:</span> <span class="n">note</span><span class="p">)</span> <span class="k">end</span> <span class="k">def</span> <span class="n">edit</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="p">%{</span><span class="s2">"id"</span> <span class="o">=&gt;</span> <span class="n">id</span><span class="p">})</span> <span class="k">do</span> <span class="p">%{</span><span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">}</span> <span class="o">=</span> <span class="n">conn</span><span class="o">.</span><span class="n">assigns</span> <span class="n">note</span> <span class="o">=</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">get_note!</span><span class="p">(</span><span class="n">id</span><span class="p">,</span> <span class="n">persona_id</span><span class="p">)</span> <span class="n">changeset</span> <span class="o">=</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">change_note</span><span class="p">(</span><span class="n">note</span><span class="p">)</span> <span class="n">render</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="s2">"edit.html"</span><span class="p">,</span> <span class="ss">note:</span> <span class="n">note</span><span class="p">,</span> <span class="ss">changeset:</span> <span class="n">changeset</span><span class="p">)</span> <span class="k">end</span> <span class="k">def</span> <span class="n">update</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="p">%{</span><span class="s2">"id"</span> <span class="o">=&gt;</span> <span class="n">id</span><span class="p">,</span> <span class="s2">"note"</span> <span class="o">=&gt;</span> <span class="n">note_params</span><span class="p">})</span> <span class="k">do</span> <span class="p">%{</span><span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">}</span> <span class="o">=</span> <span class="n">conn</span><span class="o">.</span><span class="n">assigns</span> <span class="n">note</span> <span class="o">=</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">get_note!</span><span class="p">(</span><span class="n">id</span><span class="p">,</span> <span class="n">persona_id</span><span class="p">)</span> <span class="k">case</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">update_note</span><span class="p">(</span><span class="n">note</span><span class="p">,</span> <span class="n">note_params</span><span class="p">)</span> <span class="k">do</span> <span class="p">{</span><span class="ss">:ok</span><span class="p">,</span> <span class="n">note</span><span class="p">}</span> <span class="o">-&gt;</span> <span class="n">conn</span> <span class="o">|&gt;</span> <span class="n">put_flash</span><span class="p">(</span><span class="ss">:info</span><span class="p">,</span> <span class="s2">"Note updated successfully."</span><span class="p">)</span> <span class="o">|&gt;</span> <span class="n">redirect</span><span class="p">(</span><span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="ss">:show</span><span class="p">,</span> <span class="n">note</span><span class="p">))</span> <span class="p">{</span><span class="ss">:error</span><span class="p">,</span> <span class="p">%</span><span class="no">Ecto</span><span class="o">.</span><span class="no">Changeset</span><span class="p">{}</span> <span class="o">=</span> <span class="n">changeset</span><span class="p">}</span> <span class="o">-&gt;</span> <span class="n">render</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="s2">"edit.html"</span><span class="p">,</span> <span class="ss">note:</span> <span class="n">note</span><span class="p">,</span> <span class="ss">changeset:</span> <span class="n">changeset</span><span class="p">)</span> <span class="k">end</span> <span class="k">end</span> <span class="k">def</span> <span class="n">delete</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="p">%{</span><span class="s2">"id"</span> <span class="o">=&gt;</span> <span class="n">id</span><span class="p">})</span> <span class="k">do</span> <span class="p">%{</span><span class="ss">persona_id:</span> <span class="n">persona_id</span><span class="p">}</span> <span class="o">=</span> <span class="n">conn</span><span class="o">.</span><span class="n">assigns</span> <span class="n">note</span> <span class="o">=</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">get_note!</span><span class="p">(</span><span class="n">id</span><span class="p">,</span> <span class="n">persona_id</span><span class="p">)</span> <span class="p">{</span><span class="ss">:ok</span><span class="p">,</span> <span class="n">_note</span><span class="p">}</span> <span class="o">=</span> <span class="no">MyNotes</span><span class="o">.</span><span class="n">delete_note</span><span class="p">(</span><span class="n">note</span><span class="p">)</span> <span class="n">conn</span> <span class="o">|&gt;</span> <span class="n">put_flash</span><span class="p">(</span><span class="ss">:info</span><span class="p">,</span> <span class="s2">"Note deleted successfully."</span><span class="p">)</span> <span class="o">|&gt;</span> <span class="n">redirect</span><span class="p">(</span><span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="ss">:index</span><span class="p">))</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>For each action the controller uses the business logic defined in the previous section.<br> Every action that needs a persona_id extracts it from the assign property of the conn,<br> relying on authentication to be handled at a before.</p> <p>We will ensure that authentication is always handled by writing a plug that will be added to the pipeline before the controller is called.</p> <p>Add a view module in <code>lib/my_notes_web/views/note_view.ex</code> to generate the <code>render</code> functions used in this controller.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="k">defmodule</span> <span class="no">MyNotesWeb</span><span class="o">.</span><span class="no">NoteView</span> <span class="k">do</span> <span class="kn">use</span> <span class="no">MyNotesWeb</span><span class="p">,</span> <span class="ss">:view</span> <span class="k">end</span> </code></pre> </div> <p>No extra functionallity is needed in this view, so all that remains is to create the following templates:</p> <p><em>lib/my_notes_web/templates/note/index.html.eex</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight eex"><code><span class="nt">&lt;h1&gt;</span>Your Notes<span class="nt">&lt;/h1&gt;</span> <span class="nt">&lt;table&gt;</span> <span class="nt">&lt;thead&gt;</span> <span class="nt">&lt;tr&gt;</span> <span class="nt">&lt;th&gt;</span>Title<span class="nt">&lt;/th&gt;</span> <span class="nt">&lt;th&gt;&lt;/th&gt;</span> <span class="nt">&lt;/tr&gt;</span> <span class="nt">&lt;/thead&gt;</span> <span class="nt">&lt;tbody&gt;</span> <span class="cp">&lt;%=</span> <span class="n">for</span> <span class="n">note</span> <span class="o">&lt;-</span> <span class="nv">@notes</span> <span class="k">do</span> <span class="cp">%&gt;</span> <span class="nt">&lt;tr&gt;</span> <span class="nt">&lt;td&gt;</span><span class="cp">&lt;%=</span> <span class="n">note</span><span class="o">.</span><span class="n">title</span> <span class="cp">%&gt;</span><span class="nt">&lt;/td&gt;</span> <span class="nt">&lt;td&gt;</span> <span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Show"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:show</span><span class="p">,</span> <span class="n">note</span><span class="p">)</span> <span class="cp">%&gt;</span> <span class="ni">&amp;middot;</span> <span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Edit"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:edit</span><span class="p">,</span> <span class="n">note</span><span class="p">)</span> <span class="cp">%&gt;</span> <span class="ni">&amp;middot;</span> <span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Delete"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:delete</span><span class="p">,</span> <span class="n">note</span><span class="p">),</span> <span class="ss">method:</span> <span class="ss">:delete</span><span class="p">,</span> <span class="ss">data:</span> <span class="p">[</span><span class="ss">confirm:</span> <span class="s2">"Are you sure?"</span><span class="p">]</span> <span class="cp">%&gt;</span> <span class="nt">&lt;/td&gt;</span> <span class="nt">&lt;/tr&gt;</span> <span class="cp">&lt;%</span> <span class="k">end</span> <span class="cp">%&gt;</span> <span class="nt">&lt;/tbody&gt;</span> <span class="nt">&lt;/table&gt;</span> <span class="nt">&lt;span&gt;</span><span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Create Note"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:new</span><span class="p">)</span> <span class="cp">%&gt;</span><span class="nt">&lt;/span&gt;</span> </code></pre> </div> <p><em>lib/my_notes_web/templates/note/form.html.eex</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight eex"><code><span class="cp">&lt;%=</span> <span class="n">form_for</span> <span class="nv">@changeset</span><span class="p">,</span> <span class="nv">@action</span><span class="p">,</span> <span class="k">fn</span> <span class="n">f</span> <span class="o">-&gt;</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="k">if</span> <span class="nv">@changeset</span><span class="o">.</span><span class="n">action</span> <span class="k">do</span> <span class="cp">%&gt;</span> <span class="nt">&lt;div</span> <span class="na">class=</span><span class="s">"alert alert-danger"</span><span class="nt">&gt;</span> <span class="nt">&lt;p&gt;</span>Oops, something went wrong! Please check the errors below.<span class="nt">&lt;/p&gt;</span> <span class="nt">&lt;/div&gt;</span> <span class="cp">&lt;%</span> <span class="k">end</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">label</span> <span class="n">f</span><span class="p">,</span> <span class="ss">:title</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">text_input</span> <span class="n">f</span><span class="p">,</span> <span class="ss">:title</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">error_tag</span> <span class="n">f</span><span class="p">,</span> <span class="ss">:title</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">label</span> <span class="n">f</span><span class="p">,</span> <span class="ss">:content</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">textarea</span> <span class="n">f</span><span class="p">,</span> <span class="ss">:content</span><span class="p">,</span> <span class="ss">rows:</span> <span class="s2">"20"</span> <span class="cp">%&gt;</span> <span class="cp">&lt;%=</span> <span class="n">error_tag</span> <span class="n">f</span><span class="p">,</span> <span class="ss">:content</span> <span class="cp">%&gt;</span> <span class="nt">&lt;div&gt;</span> <span class="cp">&lt;%=</span> <span class="n">submit</span> <span class="s2">"Save"</span> <span class="cp">%&gt;</span> <span class="nt">&lt;/div&gt;</span> <span class="cp">&lt;%</span> <span class="k">end</span> <span class="cp">%&gt;</span> </code></pre> </div> <p><em>lib/my_notes_web/templates/note/new.html.eex</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight eex"><code><span class="nt">&lt;h1&gt;</span>New Note<span class="nt">&lt;/h1&gt;</span> <span class="cp">&lt;%=</span> <span class="n">render</span> <span class="s2">"form.html"</span><span class="p">,</span> <span class="no">Map</span><span class="o">.</span><span class="n">put</span><span class="p">(</span><span class="n">assigns</span><span class="p">,</span> <span class="ss">:action</span><span class="p">,</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:create</span><span class="p">))</span> <span class="cp">%&gt;</span> <span class="nt">&lt;span&gt;</span><span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Back"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:index</span><span class="p">)</span> <span class="cp">%&gt;</span><span class="nt">&lt;/span&gt;</span> </code></pre> </div> <p><em>lib/my_notes_web/templates/note/show.html.eex</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight eex"><code><span class="nt">&lt;h2&gt;</span><span class="cp">&lt;%=</span> <span class="nv">@note</span><span class="o">.</span><span class="n">title</span> <span class="cp">%&gt;</span><span class="nt">&lt;/h2&gt;</span> <span class="nt">&lt;div</span> <span class="na">class=</span><span class="s">"preformatted"</span><span class="nt">&gt;</span> <span class="cp">&lt;%=</span> <span class="nv">@note</span><span class="o">.</span><span class="n">content</span> <span class="cp">%&gt;</span> <span class="nt">&lt;/div&gt;</span> <span class="nt">&lt;hr</span> <span class="nt">/&gt;</span> <span class="nt">&lt;span&gt;</span><span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Edit"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:edit</span><span class="p">,</span> <span class="nv">@note</span><span class="p">)</span> <span class="cp">%&gt;</span><span class="nt">&lt;/span&gt;</span> <span class="ni">&amp;middot;</span> <span class="nt">&lt;span&gt;</span><span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Back"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:index</span><span class="p">)</span> <span class="cp">%&gt;</span><span class="nt">&lt;/span&gt;</span> </code></pre> </div> <p><em>lib/my_notes_web/templates/note/edit.html.eex</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight eex"><code><span class="nt">&lt;h1&gt;</span>Edit Note<span class="nt">&lt;/h1&gt;</span> <span class="cp">&lt;%=</span> <span class="n">render</span> <span class="s2">"form.html"</span><span class="p">,</span> <span class="no">Map</span><span class="o">.</span><span class="n">put</span><span class="p">(</span><span class="n">assigns</span><span class="p">,</span> <span class="ss">:action</span><span class="p">,</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:update</span><span class="p">,</span> <span class="nv">@note</span><span class="p">))</span> <span class="cp">%&gt;</span> <span class="nt">&lt;span&gt;</span><span class="cp">&lt;%=</span> <span class="n">link</span> <span class="s2">"Back"</span><span class="p">,</span> <span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">note_path</span><span class="p">(</span><span class="nv">@conn</span><span class="p">,</span> <span class="ss">:index</span><span class="p">)</span> <span class="cp">%&gt;</span><span class="nt">&lt;/span&gt;</span> </code></pre> </div> <h2> Protecting note routes </h2> <p>Add the following code to <code>lib/my_notes_web/router.ex</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight elixir"><code><span class="n">alias</span> <span class="no">MyNotesWeb</span><span class="o">.</span><span class="no">Router</span><span class="o">.</span><span class="no">Helpers</span><span class="p">,</span> <span class="ss">as:</span> <span class="no">Routes</span> <span class="n">scope</span> <span class="s2">"/notes"</span><span class="p">,</span> <span class="no">MyNotesWeb</span> <span class="k">do</span> <span class="n">pipe_through</span> <span class="p">[</span><span class="ss">:browser</span><span class="p">,</span> <span class="ss">:ensure_authenticated</span><span class="p">]</span> <span class="n">resources</span> <span class="s2">"/"</span><span class="p">,</span> <span class="no">NoteController</span> <span class="k">end</span> <span class="k">def</span> <span class="n">ensure_authenticated</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="n">_</span><span class="p">)</span> <span class="k">do</span> <span class="k">case</span> <span class="n">get_session</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="ss">:persona_id</span><span class="p">)</span> <span class="k">do</span> <span class="no">nil</span> <span class="o">-&gt;</span> <span class="n">conn</span> <span class="o">|&gt;</span> <span class="n">put_flash</span><span class="p">(</span><span class="ss">:error</span><span class="p">,</span> <span class="s2">"You don't have permission to access that page"</span><span class="p">)</span> <span class="o">|&gt;</span> <span class="n">redirect</span><span class="p">(</span><span class="ss">to:</span> <span class="no">Routes</span><span class="o">.</span><span class="n">page_path</span><span class="p">(</span><span class="n">conn</span><span class="p">,</span> <span class="ss">:index</span><span class="p">))</span> <span class="o">|&gt;</span> <span class="n">halt</span><span class="p">()</span> <span class="n">persona_id</span> <span class="ow">when</span> <span class="n">is_binary</span><span class="p">(</span><span class="n">persona_id</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">conn</span> <span class="o">|&gt;</span> <span class="n">assign</span><span class="p">(</span><span class="ss">:persona_id</span><span class="p">,</span> <span class="n">persona_id</span><span class="p">)</span> <span class="k">end</span> <span class="k">end</span> </code></pre> </div> <p>All of the CRUD actions are defined by the <code>resource</code> macro.</p> <p>By adding <code>ensure_authenticated</code> to the <code>pipe_through</code> section every client request is first passed through this function.<br> This <code>ensure_authenticated</code> plug checks that the session contains a persona_id.<br> For unauthenticated sessions the request is redirected with an error and halted.<br> If a persona_id was present it is added as an assign property on the plug, the request will then continue up the pipeline to be handled by the notes controller.</p> <h2> Try it out </h2> <p>At this point we have a working notes application.<br> Try it out by visiting <a href="http://localhost:4000/notes">localhost:4000</a>.<br> If you have had any trouble you can pull the finished example <a href="https://github.com/trykno/kno-elixir/tree/master/examples/phoenix_integration">here</a></p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--UszpANrC--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/ghvkpqniywro2we7di2a.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--UszpANrC--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/ghvkpqniywro2we7di2a.png" alt="screenshot of the list notes page"></a></p> <p>If you have any further questions or want to find out more about Kno, visit <a href="https://trykno.com">trykno.com</a> or contact us at <a href="//mailto:team@trykno.com?subject=Kno-Elixir%20question">team@trykno.com</a>.</p> elixir security tutorial webdev