Gain insights into building scalable backend applications with Elixir, OTP, and Phoenix. Learn about persistent connections via Phoenix Channels, and explore distinct, decoupled application layers.

Functional Web Development with  Elixir, OTP and Phoenix by The Pragmatic Programmer_ .png

elixir_islands_test.tar.gz

elixir-app

pheonix-app

elixir-app-guesses

island-interface

phoenix-app-compiled

phoenix-app-iex

phoenix-app-form

phoenix-app-new-module

client-connection

presence

phoenix-app-final

without-presence

Elixir and OTP provide exceptional tools to build rock-solid backend applications that scale. In this course, you’ll build a web application in a radically different way, with a backend that holds application state. You’ll use persistent Phoenix Channel connections instead of HTTP’s request-response, and create the full application in distinct, decoupled layers.

In Part 1, you’ll start by building the business logic as a separate application, without Phoenix. You’ll model the application domain with Elixir functions and simple data structures.

In Part 2, you’ll add in the GenServer Behaviour to make managing in-memory state a breeze. 

In Part 3, you’ll build a web interface with Phoenix where you’ll use Phoenix Channels to establish persistent connections between the stateful server and a stateful front-end client.

Needless to say, you’re going to love this way of building web apps!

Functional Web Development with Elixir, OTP and Phoenix

# Permissible actions

In this last lesson, we tackle **authorization**: deciding if an action is permissible. The action we really care about is joining a Channel. The rules for this are simple. We want only two players to join a Channel on any given topic-subtopic and also want those two players to have different screen names.

> ### Authentication resources
>
> In Islands, we don’t need **authentication**—determining if users are who they say they are. If your application needs authentication, there are resources out there to help. Check out the documentation for `Phoenix.Token` if token-based authentication is needed.

Now that we have Presence, we can write functions to check both of the authorization conditions we outline. We can roll them into a single function that determines whether a given player can join.

The first condition we need to check is the number of players that have already joined the Channel. The `Presence.list/1` function returns a map. This map’s keys are the screen names of all the players who have joined the channel on a specific topic-subtopic. We can write a function to return that number by getting the Presence list and counting the keys:

```Elixir
defp number_of_players(socket) do 
  socket
  |> Presence.list()
  |> Map.keys()
  |> length()
end
```

With these two functions, we have enough information to see if a player is authorized to join the Channel:

```Elixir
defp authorized?(socket, screen_name) do
  number_of_players(socket) < 2 && !existing_player?(socket, screen_name)
end
```

We can also tell if a player is already subscribed to this game Channel by checking if a given screen name is already a key in the Presence map:

```Elixir
defp existing_player?(socket, screen_name) do 
  socket
  |> Presence.list()
  |> Map.has_key?(screen_name)
end
```

# New IEx session

Now, we can use the `authorized?/2` function in `join/3` to decide if we should let a new player join:

```Elixir
def join("game:" <> _player, %{"screen_name" => screen_name}, socket) do
  if authorized?(socket, screen_name) do
    send(self(), {:after_join, screen_name})
    {:ok, socket}
  else
    {:error, %{reason: "unauthorized"}}
  end
end
```

> **Note:** Run the app below and open the SPA link in two separate browser tabs. Run the following commands in the JavaScript consoles as instructed.

Learn how to implement the authorization feature.

Authorization

Introduction

Mapping Our Route

Model Data and Behavior

Working of State Machines

Add OTP for Concurrency and Fault Tolerance

Process Supervision for Recovery

Generate a New Web Interface with Phoenix

Create Persistent Connections with Phoenix Channels

Appendix

Authorization

Permissible actions

Authentication resources