Summary
Functions
Used to serve the GraphiQL API browser
Callback invoked by Plug on every request.
Callback implementation for Phoenix.VerifiedRoutes.formatted_routes/1.
(re)generates the reverse router (useful so it can be re-generated when extensions are enabled/disabled)
Used to serve GraphQL API queries
Callback required by Plug that initializes the router for serving web requests.
Rate limit plug for controllers.
Wraps protect_from_forgery to gracefully handle stale CSRF tokens by renewing the session and redirecting back.
Callback implementation for Phoenix.VerifiedRoutes.verified_route?/2.
Functions
Used to serve the GraphiQL API browser
Callback invoked by Plug on every request.
Callback implementation for Phoenix.VerifiedRoutes.formatted_routes/1.
(re)generates the reverse router (useful so it can be re-generated when extensions are enabled/disabled)
Used to serve GraphQL API queries
Callback required by Plug that initializes the router for serving web requests.
Rate limit plug for controllers.
Reads configuration from Application.get_env(:bonfire, :rate_limit)[key_prefix]
with fallback to default options provided in the plug call.
Options
:key_prefix- Atom prefix for the rate limit bucket key (required):scale_ms- Default time window in milliseconds (can be overridden by config):limit- Default number of requests (can be overridden by config):method- Optional HTTP method to rate limit (e.g., "POST"). If provided, only requestswith this method will be rate limited. All other methods pass through.
Examples
# Rate limit all requests
plug :rate_limit,
key_prefix: :api,
scale_ms: 60_000,
limit: 100
# Rate limit only POST requests (form submissions)
plug :rate_limit,
key_prefix: :forms,
scale_ms: 60_000,
limit: 5,
method: "POST"Wraps protect_from_forgery to gracefully handle stale CSRF tokens by renewing the session and redirecting back.
Callback implementation for Phoenix.VerifiedRoutes.verified_route?/2.