hostas/lib/hostas_web/plugs/auth.ex

defmodule HostasWeb.Plugs.Auth do
  import Plug.Conn
  use HostasWeb, :controller
  import Ecto.Query, only: [from: 2]

  alias Hostas.Repo
  alias Hostas.Denizen
  alias Hostas.Token

  def init(default), do: default

  def call(conn, _default) do
    case get_req_header(conn, "authorization") |> List.first() do
      nil -> conn
        |> put_status(401)
        |> json(%{"error" => "No API key provided"})
        |> halt()
      header_value ->
        case header_value |> String.split() do
          [method, key] ->
            if method == "Bearer" do
              case Token.get(key) do
                {:ok, struct} ->
                  denizen = Repo.one!(from d in Denizen, where: d.id == ^struct.denizen_id)

                  conn
                  |> assign(:token, struct)
                  |> assign(:denizen, denizen)
                {:error, :expired} ->
                  conn
                  |> put_status(401)
                  |> json(%{"error" => "Token expired"})
                  |> halt()
                {:error, :unknown} ->
                  conn
                  |> put_status(401)
                  |> json(%{"error" => "API key not found"})
                  |> halt()
              end
            else
              conn
              |> put_status(401)
              |> json(%{"error" => "Unknown authorization method"})
              |> halt()
            end
          _ ->
            conn
            |> put_status(422)
            |> json(%{"error" => "Malformed Authorization header"})
            |> halt()
        end
    end
  end
end
Implement authorization plug 2023-06-13 17:07:45 +00:00			`defmodule HostasWeb.Plugs.Auth do`
			`import Plug.Conn`
			`use HostasWeb, :controller`
			`import Ecto.Query, only: [from: 2]`

			`alias Hostas.Repo`
			`alias Hostas.Denizen`
			`alias Hostas.Token`

			`def init(default), do: default`

			`def call(conn, _default) do`
			`case get_req_header(conn, "authorization") \|> List.first() do`
			`nil -> conn`
			`\|> put_status(401)`
			`\|> json(%{"error" => "No API key provided"})`
			`\|> halt()`
			`header_value ->`
			`case header_value \|> String.split() do`
			`[method, key] ->`
			`if method == "Bearer" do`
			`case Token.get(key) do`
			`{:ok, struct} ->`
			`denizen = Repo.one!(from d in Denizen, where: d.id == ^struct.denizen_id)`

			`conn`
			`\|> assign(:token, struct)`
			`\|> assign(:denizen, denizen)`
			`{:error, :expired} ->`
			`conn`
			`\|> put_status(401)`
			`\|> json(%{"error" => "Token expired"})`
			`\|> halt()`
			`{:error, :unknown} ->`
			`conn`
			`\|> put_status(401)`
			`\|> json(%{"error" => "API key not found"})`
			`\|> halt()`
			`end`
			`else`
			`conn`
			`\|> put_status(401)`
			`\|> json(%{"error" => "Unknown authorization method"})`
			`\|> halt()`
			`end`
			`_ ->`
			`conn`
			`\|> put_status(422)`
			`\|> json(%{"error" => "Malformed Authorization header"})`
			`\|> halt()`
			`end`
			`end`
			`end`
			`end`