Authenticate The Live View

Learn how to integrate authentication with a Phoenix LiveView.

Let’s integrate our wrong_live view with the authentication infrastructure. This quick test will let us make sure our infrastructure is working. When we’re done, we’ll understand how to protect authenticated LiveView routes and know how to identify the authenticated user in a LiveView.

We’ll start in the router by putting our live route behind authentication. Then, we’ll update our LiveView’s mount/3 function to use the token from the session to find the logged-in user.

How to protect sensitive routers

When we ran the generator earlier, a scope was added to our router containing the set of routes that require a logged-in user. The scope pipes requests to such routes through two pipelines: —the browser pipeline, which establishes the policy for web requests from browsers, and the generated UserAuth.require_authenticated_user/2 function plug, which ensures that a current user is present, or else redirects to the sign-in page.

In order to authenticate our wrong_live view, we move the LiveView route into this pipeline in pento/lib/pento_web/router.ex like this:

Get hands-on with 1200+ tech skills courses.