Guardian.Backdoor is a plug to enable writing faster acceptance tests by skipping the sign-in process. This feature is inspired by Clearance’s backdoor.
Available in Hex, the package can be installed
by adding guardian_backdoor to your list of dependencies in mix.exs:
def deps do
[
{:guardian_backdoor, "~> 1.0.0", only: :test}
]
endAdd the following to your Phoenix router before other Guardian plugs.
if Mix.env() == :test do
plug Guardian.Plug.Backdoor, module: MyApp.Guardian
end
plug Guardian.Plug.VerifySessionNOTE: This plug is designed for acceptance testing and should never be added to a production environment.
Now that Guardian.Plug.Backdoor is installed, it's time to sign in. Pass your
claims as claims in the query string of your route.
conn = get(conn, "/", claims: %{sub: "User:1"})
resource = MyApp.Guardian.Plug.current_resource(conn)
%{"sub" => "User:1"} = MyApp.Guardian.Plug.current_claims(conn)When the Guardian.Plug.Backdoor plug runs, it fetches the resource from your
Guardian implementation with those claims and signs in.
Alternatively, encode your claims into a token and pass that as token in the
query string instead.
{:ok, token, _claims} = MyApp.Guardian.encode_and_sign(resource)
conn = get(conn, "/", token: token)
resource = MyApp.Guardian.Plug.current_resource(conn)If you're using Hound, you can write the following code.
query_params = Plug.Conn.Query.encode(claims: %{sub: "User:1"})
navigate_to("/?" <> query_params){:ok, token, _claims} = MyApp.Guardian.encode_and_sign(resource)
navigate_to("/?token=#{token}")Documentation can be generated with ExDoc and published on HexDocs. Once published, the docs can be found at https://hexdocs.pm/guardian_backdoor.