Gain insights into building fast, resource-efficient real-time applications using Elixir and Phoenix. Delve into websockets, GenStage, Phoenix Tracker, and production deployment practices for seamless user experiences.

_Real-Time Phoenix by The Pragmatic Programmer_ .png

Phoenix.tar.gz

Start in terminal

Direct start

Start in terminal with new deps

sneakers_initial

sneakers

sneakers-chromedriver

sneakers cart initial

sneakers cart

sneakers admin initial

sneakers admin

memory initial

observer

live view

react example

sneakers observer

sneakers observer-copy

Tracker

In this course, you will learn how to build real-time applications that will be fast with less resource overhead. Today’s software users expect the data on their screens to reflect instantly. You will win your users’ trust by giving them a seamless application experience powered by real-time features.

This course is broken up into three parts. In Part 1, you will focus on the essential part of the real-time stack (Elixir, - Phoenix channels, websockets, and GenStage). This will set the foundation for building real-time applications.

In Part 2, you will add features to an e-commerce application that serves many users simultaneously. You will also get to work with some of the more advanced features of Phoenix, such as Phoenix Tracker.

In Part 3, you will finish the course with guidance on running real-time applications in production. The battle is only beginning when you write an application. You have to then keep it healthy and happy in production.

Building Real-time Applications with Phoenix & Elixir

# Tokens

`Phoenix.Token` provides a great way to integrate authentication into an Elixir application, but it is an Elixir-specific solution. Sometimes we need a cross-language solution to tokens. For example, we may need a solution where the message contents can be used from JavaScript to view the contents and expiration independent of the several. On the other hand, we could need to generate a token in a microservice that operates Ruby, or any different language, to allow access to our real-time application.

# JSON Web Token
Alternatives to `Phoenix.Token` can help us in these situations. A widespread web standard for authentication is the `JSON Web Token` [JWT](https://jwt.io/introduction). JWTs are cryptographically secure but not encrypted, though an encrypted variant called JWE does exist. So, they meet the same security standard as `Phoenix.Token`. However, one significant difference is that JWT is a standardized format that can be consumed easily in nearly any language, including the front-end client. We can use this in our client code to detect if a JWT expired before sending the credential to the server. We’ll have to do a bit more work to use JWTs than `Phoenix.Token` because JWT support is not included out-of-the-box with Phoenix. JWTs are not a proper replacement for cookie-based authentication. They should only pass a user session between different parts of an application.

>**Author’s Note:** [Joken](https://github.com/joken-elixir/joken) is my go-to library for handling JWTs in Elixir. I use it in all my Elixir projects and highly recommend it. We’ll use `Phoenix.Token` in this course since it is already included and set up for our project. However, consider looking into JWT if you need a cross-language solution or if you need firmly secured tokens through standards such as RSA encryption. 

Whether we’re using Phoenix Tokens, JWT, or another technology, it’s essential to set the token’s expiration to a low enough value. A token is the user’s way to get into our system, and a user has access for the duration of the token. Pick a token duration that is long enough to be convenient but short enough to provide security for our users—a good default is 10 minutes. Some techniques can invalidate tokens before they’re expired, such as token blocklists, but we won’t cover them in this course.

Socket authentication provides a nice layer of security, but it doesn’t cover everything. It is also essential to secure private topics at the Channel level.


Learn about the different types of tokens.

Different Types of Tokens

Getting Started with Phoenix

Powering Real-time Applications with Phoenix

First Steps with Phoenix Channels

Restrict Socket and Channel Access

Dive Deep into Phoenix Channels

Avoid Performance Pitfalls

Build a Real-time Sneaker Store

Break Your Application with Acceptance Tests

Build a Real-time Shopping Cart

Track Connected Carts with Presence

Deploy Our Application to Production

Manage Real-time Resources

Hands-on with Phoenix LiveView

Single-page Applications with React

Wrap Up!

Appendix

Different Types of Tokens

Tokens