CF

JWT Authentication with Elixir & Phoenix

2h 54m 2s
English
Paid

Implement JWT based authentication in Elixir. The language which powers, in one way or another (ErLang) Whatsapp, Discord, Pinterest etc. We will be using Phoenix Framework, the fantastic MVC framework for developing backends and full stack projects in Elixir. Consider Phoenix more like Express of Node.js but way more cooler of course. Well, Elixir altogether is cooler than any other language I code but nevertheless, one thing at a time.

Architecture

  1. Users

    1. Register User

      1. Accept user details like "email", "password", "username" etc. and persist it in the db (PostgreSQL).

    2. Password Hashing

      1. Store irreversible one way hashed password in the db rather than storing the plain tet password, which would be a disaster if you ask me.

    3. Login

      1. Login based on "username" and "password". Validate password w.r.t password hash stored in the db and if everything matches up issue a JWT token for further interaction with the API (protected routes).

    4. Get Authenticated User

      1. Get back the authenticated user w.r.t to token passwed in the authorization header. But avoiding spitting back the password and fetching it altogether from the db, even though it is hashed it still does not make any sense.

    5. Logout

      1. Invalidating a JWT token by storing it against the "user_id" in the db. So that after log out with a particular token, that token can not be used again for accessing private routes. We did this since JWT tokens can not be destroyed they can only be expired when there time comes. So what happens when someone logs out before their token expires? Oxygen for thought.

  2. Protected Routes

    1. Implement private routes to maintain an access control list => what can be accessed and what not. For example, a non authenticated user (guest) should not have access to the following apis

      1. Logout

      2. Ping (an example of ping pong Get request to demonstrate private route mechanism).

      3. etc...

  3. Postman

    1. Test the REST API with Postman along the way, while developing each route/api.

  4. A lot more

    1. We will be learning a lot more than written, about Elixir, Phoenix, PostgreSQL, and creating REST APIs altogether.

About the Author: Udemy

Udemy thumbnail

Udemy is the largest open marketplace for online courses on the internet. Founded in 2010 by Eren Bali, Oktay Caglar, and Gagan Biyani and headquartered in San Francisco, the company went public on the Nasdaq in 2021 under the ticker UDMY. The platform hosts well over two hundred thousand courses across software development, IT and cloud, data science, design, business, marketing, and creative skills, taught by tens of thousands of independent instructors. Roughly seventy million learners use it worldwide, and the corporate arm — Udemy Business — supplies a curated subset of that catalog to enterprise customers.

Because Udemy is a marketplace rather than a single editorial publisher, the catalog is uneven by design. The strongest material lives in the long-form, project-based courses authored by working engineers — full-stack JavaScript, React, Node.js, Python data science, AWS, Docker and Kubernetes, mobile development with Flutter and React Native, and cloud certification preparation. The CourseFlix listing under this source is the slice of that catalog that has been mirrored here for offline-friendly viewing, organized by topic and updated as new releases land. Pricing on Udemy itself swings dramatically with the site's near-permanent sales, which is why the platform is best treated as a deep reference catalog: pick instructors with strong reviews and a track record of updating their material rather than buying on the headline price alone.

Watch Online 6 lessons

This is a demo lesson (10:00 remaining)

You can watch up to 10 minutes for free. Subscribe to unlock all 6 lessons in this course and access 10,000+ hours of premium content across all courses.

View Pricing
0:00
/
#1: Intro
All Course Lessons (6)
#Lesson TitleDurationAccess
1
Intro Demo
06:08
2
Project Setup
17:50
3
Password hashing and Registration
28:39
4
Login and Issuing a JWT token
36:04
5
Phoenix plugs and protected routes
40:25
6
Logging out and invalidating a JWT token
44:56
Unlock unlimited learning

Get instant access to all 5 lessons in this course, plus thousands of other premium courses. One subscription, unlimited knowledge.

Learn more about subscription

Related courses

  • The Complete Elixir and Phoenix Bootcamp thumbnailUpdated 3mo ago

    The Complete Elixir and Phoenix Bootcamp

    By: Udemy, Stephen Grider
    Elixir and Phoenix are two of the hottest technologies of 2017. Functional Programming? You will learn it. Phoenix with OAuth? Its here. Postgres for data sto
    17h 22m
  • Elixir & Phoenix for Beginners thumbnailUpdated 3y ago

    Elixir & Phoenix for Beginners

    By: KnowThen (James Moore)
    The above statement is conventional wisdom that I'm sure most of us programmers would generally agree with, but let me ask you this, do you think each of the 20
    17h 24m
  • Elixir for Programmers thumbnailUpdated 2y ago

    Elixir for Programmers

    By: Coding Gnome (Bruce Tate)
    But you want more. True mastery of Elixir comes from understanding the underlying idioms: functional programming, transformations, concurrency.
    7h 19m5/5

Frequently asked questions

What are the prerequisites for this course?
Before enrolling in this course, students should have a basic understanding of the Elixir programming language and the Phoenix framework. Familiarity with concepts like MVC architecture and basic web development principles will also be beneficial. No prior experience with JWT (JSON Web Tokens) is required as the course will cover it in detail.
What will I build during this course?
Students will work on implementing JWT-based authentication in an Elixir application using the Phoenix framework. Key components built include user registration with password hashing, login functionality that issues JWT tokens, and the creation of protected routes using Phoenix plugs. The course also covers logging out and invalidating JWT tokens.
Who is the target audience for this course?
This course is designed for developers who are interested in enhancing their web applications with authentication features using Elixir and the Phoenix framework. It is suitable for those who have foundational knowledge in Elixir and are looking to implement secure authentication mechanisms in their projects.
How does this course compare in scope to other authentication courses?
This course specifically focuses on JWT-based authentication within the context of Elixir and Phoenix, providing a specialized approach compared to general authentication courses. It dives into the implementation details of JWT in a Phoenix application, covering unique aspects like Phoenix plugs and route protection.
What specific tools or platforms are covered?
The course covers the Phoenix framework extensively, which is used to build the backend application. It also involves the use of JWT for authentication purposes and demonstrates the use of Phoenix plugs to create protected routes within an Elixir application.
What topics are not covered in this course?
While the course provides a deep dive into JWT authentication with Elixir and Phoenix, it does not cover other authentication methods like OAuth, SAML, or session-based authentication. It also does not delve into frontend development or integrations with other languages or frameworks.
How much time should I expect to commit to this course?
The course consists of 6 lessons, but the total runtime is not specified. Students should anticipate spending additional time on practice and implementation of the concepts discussed, especially if they are new to JWT or the Phoenix framework. A commitment to thoroughly reviewing the lesson content and applying it practically will enhance the learning experience.