README.md

# Access Token

[![Build Status](https://travis-ci.org/fertapric/access_token.svg?branch=master)](https://travis-ci.org/fertapric/access_token)
[![Inline docs](http://inch-ci.org/github/fertapric/access_token.svg)](http://inch-ci.org/github/fertapric/access_token)
[![Deps Status](https://beta.hexfaktor.org/badge/all/github/fertapric/access_token.svg)](https://beta.hexfaktor.org/github/fertapric/access_token)


A plug for extracting the access token from the request.

The token may be sent by the request either via the params with key `access_token` or a header with name `Authorization` and content `Bearer <access token>`.

## Installation

Add Access Token to your project's dependencies in `mix.exs`:

```elixir
def deps do
  [{:access_token, "~> 0.1.0"}]
end
```

And fetch your project's dependencies:

```shell
$ mix deps.get
```

## Usage

To use it, just plug it into the desired module:

```elixir
plug AccessToken
```

If present, the access token will be accessible through the `assigns` map of the connection.

```elixir
conn.assigns[:access_token]
```

### Options

  * `:param` - The name of the HTTP *request* parameter to check for
    the access token. Default value is "access_token".

      ```elixir
      plug AccessToken, param: "token"
      ```

  * `:http_header` - The name of the HTTP *request* header to check for
    the access token. Default value is "authorization".

      ```elixir
      plug AccessToken, http_header: "custom-authorization"
      ```

  * `:http_header_prefix` - The prefix of the HTTP *request* authorization header.
    Default value is "Bearer".

      ```elixir
      plug AccessToken, http_header_prefix: "Token"
      ```

  * `:assign_to` - The name of the key to assign the access token.
    Defaults to `:access_token`

        ```elixir
        plug AccessToken, assign_to: :token
        ```

  * `:error_status` - The status code to be returned in case the access token is not
    present. The status can be `nil`, an integer or an atom. The list of allowed atoms
    is available in `Plug.Conn.Status`. Defaults to `:unauthorized`

      ```elixir
      plug AccessToken, error_status: :forbidden
      ```

  * `:error_handler` - The function to be called in case the access token is not
    present. The `:error_handler` is set using a `{module, function, args}` tuple.
    The function will receive the `conn` followed by the list of `args` provided.

      ```elixir
      plug AccessToken,
        error_handler: {Phoenix.Controller, :render, [MyAppWeb.ErrorView, "401.json"]}
      ```

## Documentation

Documentation is available at http://hexdocs.pm/access_token

## Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/fertapric/access_token. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.

### Running tests

Clone the repo and fetch its dependencies:

```shell
$ git clone https://github.com/fertapric/access_token.git
$ cd access_token
$ mix deps.get
$ mix test
```

### Building docs

```shell
$ MIX_ENV=docs mix docs
```

## License

**Access Token** is released under the [MIT License](http://www.opensource.org/licenses/MIT).

## Author

Fernando Tapia Rico, [@fertapric](https://twitter.com/fertapric)