phx.gen.auth sets current_scope, not current_user. Use !! to
ensure boolean for HEEx template and register_and_log_in_user
in tests for proper auth session.
- LiveView-based email/password auth via mix phx.gen.auth
- Auth links removed from public navigation (direct URL access only)
- Accounts context with User schema and token management
Ran a claude /security-review, fixed two vulnerabilities
Use a plug to resolve blog_id, returning a clean 404 for unknown blogs
instead of raising with inspect(). Parse page param with Integer.parse
so invalid values (non-numeric, negative, zero) fall back to page 1
instead of crashing. Add 5 tests covering these cases.a
Goal: have a personal blog, and try out another point in the 'modular
app design with elixir' space.
Designing OTP systems with elixir had some interesting ideas.
