Hello, found another little change probably needed
In router.ex
, the /products
block in the root scope probably needs an its own :require_authenticated_user
scope.
instead of
# pento_web/router.ex
scope "/", PentoWeb do
pipe_through :browser
live "/", PageLive, :index
live "/products", ProductLive.Index, :index
live "/products/new", ProductLive.Index, :new
live "/products/:id/edit", ProductLive.Index, :edit
live "/products/:id", ProductLive.Show, :show
live "/products/:id/show/edit", ProductLive.Show, :edit
end
something like
# pento_web/router.ex
scope "/", PentoWeb do
pipe_through :browser
live "/", PageLive, :index
end
scope "/", PentoWeb do
pipe_through [:browser, :require_authenticated_user]
live "/products", ProductLive.Index, :index
live "/products/new", ProductLive.Index, :new
live "/products/:id/edit", ProductLive.Index, :edit
live "/products/:id", ProductLive.Show, :show
live "/products/:id/show/edit", ProductLive.Show, :edit
end
This because in the ProductLive, mount/3
will expect a user_token in its session map parameter:
def mount(_params, %{"user_token" => token}, socket) do
so it will fail if unauthenticated users (those without a user_token) try to access ProductLive.Index or ProductLive.Show.