JWT Authentication with Elixir & Phoenix
Aman Bhardwaj
2:53:56
Description
Dive into the functional programming realm with none other than Elixir, the stack which powers Whatsapp, Discord etc.
What You'll Learn?
- Learn how to implement JWT based authentication in rest style with Elixir & Phoenix
- Register, Login, Logout, Protected Rooutes, we have it all
- A pure hands on course, no theories no slides only VS-Code and Postman
- Dive into the tech stack which powers our very own WhatsApp, Discord, Pinterest and alike.
Who is this for?
What You Need to Know?
More details
DescriptionImplement JWT based authentication in Elixir. The language which powers, in one way or another (ErLang) Whatsapp, Discord, Pinterest etc.
We will be using Phoenix Framework, the fantastic MVC framework for developing backends and full stack projects in Elixir. Consider Phoenix more like Express of Node.js but way more cooler of course. Well, Elixir altogether is cooler than any other language I code but nevertheless, one thing at a time.
Architecture
Users
Register User
Accept user details like "email", "password", "username" etc. and persist it in the db (PostgreSQL).
Password Hashing
Store irreversible one way hashed password in the db rather than storing the plain tet password, which would be a disaster if you ask me.
Login
Login based on "username" and "password". Validate password w.r.t password hash stored in the db and if everything matches up issue a JWT token for further interaction with the API (protected routes).
Get Authenticated User
Get back the authenticated user w.r.t to token passwed in the authorization header. But avoiding spitting back the password and fetching it altogether from the db, even though it is hashed it still does not make any sense.
Logout
Invalidating a JWT token by storing it against the "user_id" in the db. So that after log out with a particular token, that token can not be used again for accessing private routes. We did this since JWT tokens can not be destroyed they can only be expired when there time comes. So what happens when someone logs out before their token expires? Oxygen for thought.
Protected Routes
Implement private routes to maintain an access control list => what can be accessed and what not. For example, a non authenticated user (guest) should not have access to the following apis
Logout
Ping (an example of ping pong Get request to demonstrate private route mechanism).
etc...
Postman
Test the REST API with Postman along the way, while developing each route/api.
A lot more
We will be learning a lot more than written, about Elixir, Phoenix, PostgreSQL, and creating REST APIs altogether.
Who this course is for:
- Amateur Elixir Developers and functional programming enthusiasts
Implement JWT based authentication in Elixir. The language which powers, in one way or another (ErLang) Whatsapp, Discord, Pinterest etc.
We will be using Phoenix Framework, the fantastic MVC framework for developing backends and full stack projects in Elixir. Consider Phoenix more like Express of Node.js but way more cooler of course. Well, Elixir altogether is cooler than any other language I code but nevertheless, one thing at a time.
Architecture
Users
Register User
Accept user details like "email", "password", "username" etc. and persist it in the db (PostgreSQL).
Password Hashing
Store irreversible one way hashed password in the db rather than storing the plain tet password, which would be a disaster if you ask me.
Login
Login based on "username" and "password". Validate password w.r.t password hash stored in the db and if everything matches up issue a JWT token for further interaction with the API (protected routes).
Get Authenticated User
Get back the authenticated user w.r.t to token passwed in the authorization header. But avoiding spitting back the password and fetching it altogether from the db, even though it is hashed it still does not make any sense.
Logout
Invalidating a JWT token by storing it against the "user_id" in the db. So that after log out with a particular token, that token can not be used again for accessing private routes. We did this since JWT tokens can not be destroyed they can only be expired when there time comes. So what happens when someone logs out before their token expires? Oxygen for thought.
Protected Routes
Implement private routes to maintain an access control list => what can be accessed and what not. For example, a non authenticated user (guest) should not have access to the following apis
Logout
Ping (an example of ping pong Get request to demonstrate private route mechanism).
etc...
Postman
Test the REST API with Postman along the way, while developing each route/api.
A lot more
We will be learning a lot more than written, about Elixir, Phoenix, PostgreSQL, and creating REST APIs altogether.
Who this course is for:
- Amateur Elixir Developers and functional programming enthusiasts
User Reviews
Rating
Aman Bhardwaj
Instructor's Courses
Udemy
View courses Udemy- language english
- Training sessions 6
- duration 2:53:56
- English subtitles has
- Release Date 2024/02/04
