cleanup and add some comments
This commit is contained in:
flynn
parent
f220856e39
commit
1fc8b9ee5d
2 changed files with 16 additions and 21 deletions
|
|
@ -48,7 +48,9 @@
|
||||||
(defn admin-access [req]
|
(defn admin-access [req]
|
||||||
(contains? (get-in req [:session :user :roles]) :admin))
|
(contains? (get-in req [:session :user :roles]) :admin))
|
||||||
|
|
||||||
(def rules [{:pattern #"^/admin/.*"
|
(def rules
|
||||||
|
"The authentication rules"
|
||||||
|
[{:pattern #"^/admin/.*"
|
||||||
:handler admin-access}
|
:handler admin-access}
|
||||||
; TODO add other auth schemes
|
; TODO add other auth schemes
|
||||||
;{:pattern [#"^/$" #"^/oauth/.*"]
|
;{:pattern [#"^/$" #"^/oauth/.*"]
|
||||||
|
|
@ -57,26 +59,33 @@
|
||||||
; :handler user-access}
|
; :handler user-access}
|
||||||
])
|
])
|
||||||
|
|
||||||
(defn on-error [request response]
|
(defn on-auth-error
|
||||||
|
[request response]
|
||||||
(error-page
|
(error-page
|
||||||
{:status 403
|
{:status 403
|
||||||
:title (str "Access to " (:uri request) " is not authorised")}))
|
:title (str "Access to " (:uri request) " is not authorised")}))
|
||||||
|
|
||||||
(defn wrap-restricted [handler]
|
(defn wrap-restricted
|
||||||
|
"Example of how to wrap a route or handling in an authentication scheme"
|
||||||
|
[handler]
|
||||||
(restrict handler {:handler authenticated?
|
(restrict handler {:handler authenticated?
|
||||||
:on-error on-error}))
|
:on-error on-auth-error}))
|
||||||
|
|
||||||
(defn wrap-auth [handler]
|
(defn wrap-auth
|
||||||
|
"Installs the session backend on ring"
|
||||||
|
[handler]
|
||||||
(let [backend (session-backend)]
|
(let [backend (session-backend)]
|
||||||
(-> handler
|
(-> handler
|
||||||
(wrap-authentication backend)
|
(wrap-authentication backend)
|
||||||
(wrap-authorization backend))))
|
(wrap-authorization backend))))
|
||||||
|
|
||||||
(defn wrap-base [handler]
|
(defn wrap-base
|
||||||
|
"The all default middleware functions. These get applied to every route."
|
||||||
|
[handler]
|
||||||
(-> ((:middleware defaults) handler)
|
(-> ((:middleware defaults) handler)
|
||||||
wrap-auth
|
wrap-auth
|
||||||
(wrap-access-rules {:rules rules
|
(wrap-access-rules {:rules rules
|
||||||
:on-error on-error})
|
:on-error on-auth-error})
|
||||||
wrap-webjars
|
wrap-webjars
|
||||||
wrap-flash
|
wrap-flash
|
||||||
(wrap-session {:cookie-attrs {:http-only true}})
|
(wrap-session {:cookie-attrs {:http-only true}})
|
||||||
|
|
|
||||||
|
|
@ -66,17 +66,3 @@
|
||||||
(log/warn (:cause (Throwable->map e)))
|
(log/warn (:cause (Throwable->map e)))
|
||||||
(-> (found "/")
|
(-> (found "/")
|
||||||
(assoc :flash {:error "An error occurred, please try again."})))))))))
|
(assoc :flash {:error "An error occurred, please try again."})))))))))
|
||||||
|
|
||||||
;(catch [:status 401] _
|
|
||||||
; (error-page {:status 401
|
|
||||||
; :title "Error authenticating"
|
|
||||||
; :message "Please contact your system administrator to fix this issue"}))
|
|
||||||
|
|
||||||
; TODO catch using
|
|
||||||
;(defn multiple-status-endpoint [req]
|
|
||||||
; (let [resp (do-external-request req)]
|
|
||||||
; (condp = (:status resp)
|
|
||||||
; 201 (println ok)
|
|
||||||
; 401 (println error))))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue