How to only ensure authenticated on some functions in elixir module

Question

I'm trying to implement Guardian jwt in an phoenixframework project.

I have a user_controller.ex module with the following functions: index, create, show, update, and delete

I only want to make sure users are authenticated on update and delete

If I put plug Guardian.Plug.EnsureAuthenticated, handler: SessionController at the top of the module all function require authentication.

I tried to do this:

plug Guardian.Plug.EnsureAuthenticated, %{ on_failure: { SessionController, :unauthenticated } } when not action in [:index, :create, :show], which does work as desired but I get the following error in the console: [warn] :on_failure is deprecated. Use the :handler option instead

So the question is: How to only require authentication on update and delete using the handler argument?

Answer 1

plug Guardian.Plug.EnsureAuthenticated, [handler: SessionController] when action in [:update, :delete]