How to properly make use of browser caching with nginx on production?

Do you plan to cache whole web pages?

As far as I understand, nginx can’t decide whether a user is authenticated by just looking at the default (in phoenix) headers without asking your app. A simpler set up would be to put the cache (if any) in the application layer. For a more involved set up with nginx cache (at the proxy layer), see https://softwareengineering.stackexchange.com/questions/299535/caching-authenticated-requests-for-all-users.

You can safely cache public assets like js/css/etc.