Powered by AppSignal & Oban Pro
Notesclub
Sign in with GitHub
created by hec & contributors
terms privacy

Blog: Authentication

exercises/blog_authentication.livemd

avatar
Ammar Massoud
avatar
avatar
Share to X
Share to Bluesky
More notebooks

Blog: Authentication

Mix.install([
  {:jason, "~> 1.4"},
  {:kino, "~> 0.8.0", override: true},
  {:youtube, github: "brooklinjazz/youtube"},
  {:hidden_cell, github: "brooklinjazz/hidden_cell"}
])

Navigation

Return Home Report An Issue

Blog: Authentication

You’re going to add authentication and authorization to your existing Blog project.

Use the mix phx.gen.auth command to generate the initial authentication system.

mix phx.gen.auth Accounts User users

All users should be able to view all blogs, however only authorized users should be able to create, edit, and update their own blogs.

Authorization Requirements

Ensure you:

  • Associate blogs with a user. Blogs should belong to a user.
  • Allow all clients to access the :index and :show actions for blogs.
  • Allow only authenticated users to access the :new, and :create actions.
  • Allow only authorized users to access the :edit, :update, and :delete actions only for their own blogs.

Bonus: Authorized Comments

Add the same authorization for comments.

Ensure you:

  • Associate comments with a user. Comments should belong to a user and a blog.
  • Allow all clients to read all comments.
  • Allow only authenticated users to create comments.
  • Allow only authorized users to edit and delete their own comments.

Mark As Completed

file_name = Path.basename(Regex.replace(~r/#.+/, __ENV__.file, ""), ".livemd")

save_name =
  case Path.basename(__DIR__) do
    "reading" -> "blog_authentication_reading"
    "exercises" -> "blog_authentication_exercise"
  end

progress_path = __DIR__ <> "/../progress.json"
existing_progress = File.read!(progress_path) |> Jason.decode!()

default = Map.get(existing_progress, save_name, false)

form =
  Kino.Control.form(
    [
      completed: input = Kino.Input.checkbox("Mark As Completed", default: default)
    ],
    report_changes: true
  )

Task.async(fn ->
  for %{data: %{completed: completed}} <- Kino.Control.stream(form) do
    File.write!(
      progress_path,
      Jason.encode!(Map.put(existing_progress, save_name, completed), pretty: true)
    )
  end
end)

form

Commit Your Progress

Run the following in your command line from the curriculum folder to track and save your progress in a Git commit. Ensure that you do not already have undesired or unrelated changes by running git status or by checking the source control tab in Visual Studio Code.

$ git checkout -b blog-authentication-exercise
$ git add .
$ git commit -m "finish blog authentication exercise"
$ git push origin blog-authentication-exercise

Create a pull request from your blog-authentication-exercise branch to your solutions branch. Please do not create a pull request to the DockYard Academy repository as this will spam our PR tracker.

DockYard Academy Students Only:

Notify your teacher by including @BrooklinJazz in your PR description to get feedback. You (or your teacher) may merge your PR into your solutions branch after review.

If you are interested in joining the next academy cohort, sign up here to receive more news when it is available.

Up Next

Previous Next
Phoenix Authentication BookSearch: Tags

Other notebooks:

Back