What you should know about the live_session macro Imagine you have a few endpoints and would like to group their authorization rules. With [live_session/3](https://hexdocs.pm/phoenix_live_view/Phoenix.LiveView.Router.html#live_session/3) , can achieve that! `live_session` has three options: 1. `session` - name of the session 2. `on_mount` - callback function 3. `root_layout` - apply a different layout to the group It is important to understand the **[Security Considerations](https://hexdocs.pm/phoenix_live_view/Phoenix.LiveView.Router.html#live_session/3-security-considerations)** of `live_session`, especially for handling **authentication** and **authorization** in your LiveView. In the following example, we use **live_session** to set a new **root_layout** only for admin users, and authorize admins only in the `:admin` `UserHook` ```elixir live_session :admins, root_layout: {ExampleWeb.AdminLayoutView, :root}, on_mount: {ExampleWeb.UserHook, :admin} do scope "/", ExampleWeb do pipe_through [:browser, :auth] live "/admin", HomeLive, :page end end ``` ```elixir defmodule ExampleWeb.AdminLayoutView do @moduledoc false use ExampleWeb, :view def render("root.html", assigns) do ~H""" Admin Layout

Admin

<%= @inner_content %>
""" end end ``` herminiotorres January 28, 2022