add auth to user and relation adding

This commit is contained in:
mcbloch 2019-06-09 23:43:16 +02:00
parent 1762d5970c
commit 926dba9d58
2 changed files with 5 additions and 5 deletions

View file

@ -19,7 +19,7 @@
(GET "/" req (show-home req))
(GET "/relations_zeroed" [] (show-relations)))
(defroutes user-routes
(defroutes user-routes ;; These are protect inside their respective functions
(POST "/relation_request/:id/status" [id & body :as req] (update-relationrequest-status id body req)) ; STATUS ENUM: (open, accepted, rejected)
(POST "/request_relation" req (create-relation-request req)))
@ -40,7 +40,8 @@
middleware/wrap-formats)
user-routes
oauth-routes
admin-routes
(-> admin-routes
middleware/wrap-restricted-admin)
(route/not-found
(:body
(error-page {:status 404
@ -50,4 +51,3 @@
:start
(-> app-routes
middleware/wrap-base))

View file

@ -65,10 +65,10 @@
{:status 403
:title (str "Access to " (:uri request) " is not authorised")}))
(defn wrap-restricted
(defn wrap-restricted-admin
"Example of how to wrap a route or handling in an authentication scheme"
[handler]
(restrict handler {:handler authenticated?
(restrict handler {:handler admin-access
:on-error on-auth-error}))
(defn wrap-auth