GumptionWare

Programming Phoenix LiveView B10.0: Confused about Protecting Sensitive Routes (pages 52 - 60)

On page 52, the topic of “Protecting Sensitive Routes” is introduced with this snippet from router.ex:

scope "/", PentoWeb do
  pipe_through [:browser, :require_authenticated_user]

  live_session :require_authenticated_user,
    on_mount: [{PentoWeb.UserAuth, :ensure_authenticated}] do 
     live "/users/settings", UserSettingsLive, :edit
     live "/users/settings/confirm_email/:token",
       UserSettingsLive, :confirm_email 
     live "/guess", WrongLive
   end
end

Then on page 60, the following snippet is shown for router.ex:

scope "/", PentoWeb do
  pipe_through [:browser, :require_authenticated_user]

  live_session :require_authenticated_user,
    # Specify the shared on_mount callback here
    on_mount: [{PentoWeb.UserAuth, :ensure_authenticated}] do
      live "/users/settings", UserSettingsLive, :edit
      live "/users/settings/confirm_email/:token",
        UserSettingsLive, :confirm_email 
      live "/guess", WrongLive
  end 
end

The only difference I can see is the addition of the # Specify the shared on_mount callback here comment.

So what I am confused by is what has changed that enables us to remove the user = Accounts.get_user_by_session_token(session["user_token"]), session_id: session["live_socket_id"], and current_user: user lines from wrong_live.ex per this guidance on page 60: “With this in place, we can remove the auth code from the WrongLive’s own mount function.”

I have re-read this section several times, but I am still not understanding what that comment (# Specify the shared on_mount callback here) means, since those two router.ex code snippets are otherwise identical.

3 comments

#question /book-programming-phoenix-liveview

0 341 3

2024-12-10 16:12:35 UTC

Marked As Solved

SophieDeBenedetto

Author of Programming Phoenix LiveView

Thanks for all the feedback! The upcoming beta release of the book should include the following:

An initial version of the mount function in GuessLive that looks up the current user and adds them to socket assigns
A clarification that the ‘guess’ live route will already be added to the live session that uses the generated ensure_authenticated on_mount function from the start

Post #4

Where Next?

View thread on forum

View Programming Phoenix Liveview's book portal

Post errata for this book

Post a suggestion for this book

Post a question about this book

Post a review about this book

question

Home PragProg Customers

#question /book-programming-phoenix-liveview

0 341 3

Last post

Popular Pragmatic Bookshelf topics

PragProg Customers

Distributed Services With Go - Agent_test.go error line 77

This test is broken right out of the box… — FAIL: TestAgent (7.82s) agent_test.go:77: Error Trace: agent_test.go:77 agent_test.go:...

#errata /book-distributed-services-with-go

4 1559 7

2020-06-26 06:50:51 UTC

New

PragProg Customers

The Pragmatic Programmer, 20th Anniversary Edition errata

Some minor things in the paper edition that says “3 2020” on the title page verso, not mentioned in the book’s errata online: p. 186 But...

#errata /book-the-pragmatic-programmer-20th-anniversary-edition

10 2636 9

2024-09-02 13:34:40 UTC

New

PragProg Customers

Apple Game Frameworks and Technologies: Screen image may be wrong (p 13)

Working through the steps (checking that the Info,plist matches exactly), run the demo game and what appears is grey but does not fill th...

#errata /book-apple-game-frameworks-and-technologies

11 1081 5

2021-05-15 17:31:07 UTC

New

PragProg Customers

Build Websites with Hugo: Code will not run in a working Hugo setup

Hello Brian, I have some problems with running the code in your book. I like the style of the book very much and I have learnt a lot as...

#question /book-build-websites-with-hugo

0 1501 3

2021-01-29 18:54:24 UTC

New

PragProg Customers

Hands-On Rust: Wrong multiplier for 8x8 console in main.rs

Title: Hands-On Rust (Chap 8 (Adding a Heads Up Display) It looks like .with_simple_console_no_bg(SCREEN_WIDTH*2, SCREEN_HEIGHT*2...

#errata /book-hands-on-rust

9 2026 5

2022-02-15 14:09:12 UTC

New

PragProg Customers

Python Testing with pytest, Second Edition: File not Found Error (page 43)

I ran this command after installing the sample application: $ cards add do something --owner Brian And got a file not found error: Fil...

#errata /book-python-testing-with-pytest-second-edition

5 4391 7

2021-07-03 13:51:08 UTC

New

PragProg Customers

Kotlin and Android Development featuring Jetpack: Error in generated Game.java (page 136)

I’m under the impression that when the reader gets to page 136 (“View Data with the Database Inspector”), the code SHOULD be able to buil...

#question /book-kotlin-and-android-development-featuring-jetpack

2 1172 8

2021-09-17 18:06:54 UTC

New

PragProg Customers

Python Testing with pytest, Second Edition:Abou epub format

Is the book’s epub format available to read on Google Play Books?

#question /book-python-testing-with-pytest-second-edition

0 1126 3

2022-01-20 20:47:42 UTC

New

PragProg Customers

Agile Web Development with Rails 7: page 113 - Seeing the list of products

I’m a newbie to Rails 7 and have hit an issue with the bin/Dev script mentioned on pages 112-113. Iteration A1 - Seeing the list of prod...

#question /book-agile-web-development-with-rails-7

0 2631 9

2024-01-06 20:36:27 UTC

New

PragProg Customers

Hands on Rust: Need help with error - thread 'main' panicked at 'Failed to load texture

Hi, I need some help, I’m new to rust and was learning through your book. but I got stuck at the last stage of distribution. Whenever I t...

#question /book-hands-on-rust

3 1989 5

2022-12-03 00:17:31 UTC

New

Other popular topics

General Dev>Dev Chat

What dev-related stuff have you been up to?

Reading something? Working on something? Planning something? Changing jobs even!? If you’re up for sharing, please let us know what you’...

#community

1051 21715 396

2026-02-05 08:11:31 UTC

New

General Dev>Dev Chat

What are you listening to?

A thread that every forum needs! Simply post a link to a track on YouTube (or SoundCloud or Vimeo amongst others!) on a separate line an...

#community #music

202 5126 102

2025-07-26 22:00:31 UTC

New

General Dev>Hardware

Which keyboard do you have?

If it’s a mechanical keyboard, which switches do you have? Would you recommend it? Why? What will your next keyboard be? Pics always w...

#hardware /keyboards #sticky #mechanical-keyboards

144 9115 50

2021-01-07 23:58:36 UTC

New

Game Dev>Learning Resources

The Ray Tracer Challenge

Brace yourself for a fun challenge: build a photorealistic 3D renderer from scratch! In just a couple of weeks, build a ray tracer that r...

pragprog.com

#pragprog #published-book /book-the-ray-tracer-challenge #algorithms

3 6115 0

2020-09-22 14:26:56 UTC

New

General Dev>Code Editors

Poll: Which code editor do you use?

You might be thinking we should just ask who’s not using VSCode :joy: however there are some new additions in the space that might give V...

#community #polls /vim /emacs #code-editors /vscode #notepad /sublime-text #atom /textmate #codespaces #brackets /onivim #geany

121 5796 61

2025-09-05 00:52:19 UTC

New

General Dev>Hardware

Planck vs Preonic vs Subatomic (Keyboards)

I ended up cancelling my Moonlander order as I think it’s just going to be a bit too bulky for me. I think the Planck and the Preonic (o...

/keyboards #mechanical-keyboards #ortholinear #planck #preonic

105 17596 47

2021-05-28 21:32:35 UTC

New

Backend>Learning Resources