GumptionWare

Programming Phoenix LiveView B10.0: Confused about Protecting Sensitive Routes (pages 52 - 60)

On page 52, the topic of “Protecting Sensitive Routes” is introduced with this snippet from router.ex:

scope "/", PentoWeb do
  pipe_through [:browser, :require_authenticated_user]

  live_session :require_authenticated_user,
    on_mount: [{PentoWeb.UserAuth, :ensure_authenticated}] do 
     live "/users/settings", UserSettingsLive, :edit
     live "/users/settings/confirm_email/:token",
       UserSettingsLive, :confirm_email 
     live "/guess", WrongLive
   end
end

Then on page 60, the following snippet is shown for router.ex:

scope "/", PentoWeb do
  pipe_through [:browser, :require_authenticated_user]

  live_session :require_authenticated_user,
    # Specify the shared on_mount callback here
    on_mount: [{PentoWeb.UserAuth, :ensure_authenticated}] do
      live "/users/settings", UserSettingsLive, :edit
      live "/users/settings/confirm_email/:token",
        UserSettingsLive, :confirm_email 
      live "/guess", WrongLive
  end 
end

The only difference I can see is the addition of the # Specify the shared on_mount callback here comment.

So what I am confused by is what has changed that enables us to remove the user = Accounts.get_user_by_session_token(session["user_token"]), session_id: session["live_socket_id"], and current_user: user lines from wrong_live.ex per this guidance on page 60: “With this in place, we can remove the auth code from the WrongLive’s own mount function.”

I have re-read this section several times, but I am still not understanding what that comment (# Specify the shared on_mount callback here) means, since those two router.ex code snippets are otherwise identical.

3 comments

#question /book-programming-phoenix-liveview

0 341 3

2024-12-10 16:12:35 UTC

Marked As Solved

SophieDeBenedetto

Author of Programming Phoenix LiveView

Thanks for all the feedback! The upcoming beta release of the book should include the following:

An initial version of the mount function in GuessLive that looks up the current user and adds them to socket assigns
A clarification that the ‘guess’ live route will already be added to the live session that uses the generated ensure_authenticated on_mount function from the start

Post #4

Where Next?

View thread on forum

View Programming Phoenix Liveview's book portal

Post errata for this book

Post a suggestion for this book

Post a question about this book

Post a review about this book

question

Home PragProg Customers

#question /book-programming-phoenix-liveview

0 341 3

Last post

Popular Pragmatic Bookshelf topics

PragProg Customers

Distributed Services With Go - gogoproto on linux

page 20: … protoc command… I had to additionally run the following go get commands in order to be able to compile protobuf code using go...

#errata /book-distributed-services-with-go

14 2953 7

2020-10-16 05:21:10 UTC

New

PragProg Customers

Distributed Services With Go - Agent_test.go error line 77

This test is broken right out of the box… — FAIL: TestAgent (7.82s) agent_test.go:77: Error Trace: agent_test.go:77 agent_test.go:...

#errata /book-distributed-services-with-go

4 1559 7

2020-06-26 06:50:51 UTC

New

PragProg Customers

Python Testing with pytest - Chapter 5 example c AttributeError: 'module' object has no attribute 'config'

Running the examples in chapter 5 c under pytest 5.4.1 causes an AttributeError: ‘module’ object has no attribute ‘config’. In particula...

#errata /book-python-testing-with-pytest

5 3582 1

2020-07-14 20:43:55 UTC

New

PragProg Customers

Python Testing with pytest: pytest now requires markers to be declared (downloadable code)

Many tasks_proj/tests directories exist in chapters 2, 3, 5 that have tests that use the custom markers smoke and get, which are not decl...

#errata /book-python-testing-with-pytest

2 1383 2

2021-02-16 14:15:02 UTC

New

PragProg Customers

Build Websites with Hugo: Code will not run in a working Hugo setup

Hello Brian, I have some problems with running the code in your book. I like the style of the book very much and I have learnt a lot as...

#question /book-build-websites-with-hugo

0 1501 3

2021-01-29 18:54:24 UTC

New

PragProg Customers

Programming Machine Learning: Incorrect formula

Hi everyone! There is an error on the page 71 in the book “Programming machine learning from coding to depp learning” P. Perrotta. You c...

#errata /book-programming-machine-learning

5 1341 4

2022-04-06 12:03:54 UTC

New

PragProg Customers

Concurrent Data Processing in Elixir: various errata

Hi @Margaret , On page VII the book tells us the example and snippets will be all using Elixir version 1.11 But on page 3 almost the en...

#errata /book-concurrent-data-processing-in-elixir

15 1549 13

2021-04-11 17:34:47 UTC

New

PragProg Customers

Modern Front-End Development for Rails: B7 no main folder in the source code (page xv)

On the page xv there is an instruction to run bin/setup from the main folder. I downloaded the source code today (12/03/21) and can’t see...

#errata /book-modern-front-end-development-for-rails

2 1452 11

2022-03-08 17:27:57 UTC

New

PragProg Customers

The Ray Tracer Challenge: cannot pass scaling test (page 69-70)

The test is as follows: Scenario: Intersecting a scaled sphere with a ray Given r ← ray(point(0, 0, -5), vector(0, 0, 1)) And s ← sphere...

#question /book-the-ray-tracer-challenge

1 1093 4

2022-07-27 09:47:44 UTC

New

PragProg Customers

Bug with dx/build - how to workaround until fix is up

Hello faithful readers! If you have tried to follow along in the book, you are asked to start up the dev environment via dx/build and ar...

#errata /book-ruby-on-rails-background-jobs-with-sidekiq

3 1178 19

2024-01-23 22:22:16 UTC

New

Other popular topics

Backend>Learning Resources

Testing Elixir

Write Elixir tests that you can be proud of. Dive into Elixir’s test philosophy and gain mastery over the terminology and concepts that u...

pragprog.com

#pragprog /elixir #published-book /book-testing-elixir

33 5004 8

2021-01-05 06:17:50 UTC

New

Linux>Questions

AMD or Intel for Programming with Linux as the OS?

I am thinking in building or buy a desktop computer for programing, both professionally and on my free time, and my choice of OS is Linux...

#mobile #android #web-development #linux #desktop-computer #mobile-development

36 6006 10

2020-07-12 20:50:05 UTC

New

Backend>Chat

Would you use Erlang now when there is Elixir?

Why, if your answer is yes?

/elixir /erlang

167 4955 52

2021-04-22 18:15:44 UTC

New

General Dev>Code Editors

Poll: Which code editor do you use?

You might be thinking we should just ask who’s not using VSCode :joy: however there are some new additions in the space that might give V...

#community #polls /vim /emacs #code-editors /vscode #notepad /sublime-text #atom /textmate #codespaces #brackets /onivim #geany

121 5796 61

2025-09-05 00:52:19 UTC

New

General Dev>Hardware

Poll: Which keyboard layout do you use?

poll poll Be sure to check out @Dusty’s article posted here: An Introduction to Alternative Keyboard Layouts It’s one of the best write-...

colemakmods.github.io

#polls /keyboards

10 6048 11

2020-10-31 23:12:33 UTC

New

Data Science

Genetic Algorithms in Elixir

From finance to artificial intelligence, genetic algorithms are a powerful tool with a wide array of applications. But you don't need an ...

#pragprog #ai /elixir #published-book /book-genetic-algorithms-in-elixir

25 5243 6

2021-02-09 12:32:09 UTC

New

General Dev>Dev Chat

How fast do you type? Check your WPM here!

Do the test and post your score :nerd_face: :keyboard: If possible, please add info such as the keyboard you’re using, the layout (Qw...

typing-speed-test.aoeu.eu

/keyboards

82 7682 31

2021-07-10 05:52:20 UTC

New

Backend>Learning Resources