Return 401 when User token not authenticated

[christopherdbull]

I've started using this and, firstly, just want to say it's a very nice library. I have one question though: I would've expected that the Authenticate plug would return a 401 status when a current_user wasn't found. Is there a way to easily extend the plug to do this? Or do I just need to write another plug function to check if current_user is nil?

Thanks again for the library!

[riverrun]

The Authenticate plug just handles authentication, and so it is only responsible for checking if there is a current user (either by checking the session or checking the headers for a valid token) and adding the current_user information to the conn. As for authorization / access control, the Authorization page on the wiki provides more information.

If you have set up your project with the phauxth installer - see the getting started page for details - the authorize.ex file in the controllers directory contains examples of functions / plugs to handle access control.

If you have any other questions, feel free to ask.

[christopherdbull]

Thanks for the quick response! That all makes sense now. I actually have one more question, which is unrelated so can raise another issue if this is atypical. I'm on a 2013 15in rMBP. I normally find elixir runs quite fast, but since bootstrapping a project with the installer, it takes 13seconds to run the tests, logging in takes 400ms, all much slower than any other phoenix and elixir code, and a lot of rails code. Is this normal for the phauxth installer performance in a dev environment? This is with elixir 1.5.2 and phoenix 1.3.

[riverrun]

Thanks for pointing that out. You need to add test configuration values (for the password hashing algorithm you are using) to the config/test.exs file, as in this example.

I've opened this issue, so future versions of phauxth_installer will automatically add these values to the config/test.exs file.

[christopherdbull]

Thanks for that, works much better now (0.5s) :)