JWT Authentication with Elixir & Phoenix

2h 54m 2s
English
Paid

Implement JWT based authentication in Elixir. The language which powers, in one way or another (ErLang) Whatsapp, Discord, Pinterest etc. We will be using Phoenix Framework, the fantastic MVC framework for developing backends and full stack projects in Elixir. Consider Phoenix more like Express of Node.js but way more cooler of course. Well, Elixir altogether is cooler than any other language I code but nevertheless, one thing at a time.

Architecture

  1. Users

    1. Register User

      1. Accept user details like "email", "password", "username" etc. and persist it in the db (PostgreSQL).

    2. Password Hashing

      1. Store irreversible one way hashed password in the db rather than storing the plain tet password, which would be a disaster if you ask me.

    3. Login

      1. Login based on "username" and "password". Validate password w.r.t password hash stored in the db and if everything matches up issue a JWT token for further interaction with the API (protected routes).

    4. Get Authenticated User

      1. Get back the authenticated user w.r.t to token passwed in the authorization header. But avoiding spitting back the password and fetching it altogether from the db, even though it is hashed it still does not make any sense.

    5. Logout

      1. Invalidating a JWT token by storing it against the "user_id" in the db. So that after log out with a particular token, that token can not be used again for accessing private routes. We did this since JWT tokens can not be destroyed they can only be expired when there time comes. So what happens when someone logs out before their token expires? Oxygen for thought.

  2. Protected Routes

    1. Implement private routes to maintain an access control list => what can be accessed and what not. For example, a non authenticated user (guest) should not have access to the following apis

      1. Logout

      2. Ping (an example of ping pong Get request to demonstrate private route mechanism).

      3. etc...

  3. Postman

    1. Test the REST API with Postman along the way, while developing each route/api.

  4. A lot more

    1. We will be learning a lot more than written, about Elixir, Phoenix, PostgreSQL, and creating REST APIs altogether.

About the Author: udemy

udemy thumbnail
By connecting students all over the world to the best instructors, Udemy is helping individuals reach their goals and pursue their dreams. Udemy is the leading global marketplace for teaching and learning, connecting millions of students to the skills they need to succeed. Udemy helps organizations of all kinds prepare for the ever-evolving future of work. Our curated collection of top-rated business and technical courses gives companies, governments, and nonprofits the power to develop in-house expertise and satisfy employees’ hunger for learning and development.

Watch Online 6 lessons

This is a demo lesson (10:00 remaining)

You can watch up to 10 minutes for free. Subscribe to unlock all 6 lessons in this course and access 10,000+ hours of premium content across all courses.

View Pricing
0:00
/
#1: Intro
All Course Lessons (6)
#Lesson TitleDurationAccess
1
Intro Demo
06:08
2
Project Setup
17:50
3
Password hashing and Registration
28:39
4
Login and Issuing a JWT token
36:04
5
Phoenix plugs and protected routes
40:25
6
Logging out and invalidating a JWT token
44:56
Unlock unlimited learning

Get instant access to all 5 lessons in this course, plus thousands of other premium courses. One subscription, unlimited knowledge.

Learn more about subscription