add auth middleware with :identity key for admin access
parent
661435beb4
commit
f636248dc2
4 changed files with 42 additions and 12 deletions
|
@ -63,15 +63,24 @@
|
|||
<div class="navbar-end">
|
||||
<div class="navbar-item">
|
||||
<div class="buttons">
|
||||
{% if user.admin %}
|
||||
{% if user.admin.enabled %}
|
||||
<a class="button is-light" href="/admin/disable">
|
||||
<strong>Disable admin</strong>
|
||||
</a>
|
||||
{% else %}
|
||||
<a class="button is-light" href="/admin/enable">
|
||||
<strong>Enable admin</strong>
|
||||
</a>
|
||||
{%endif%}
|
||||
{% endif %}
|
||||
|
||||
{% if user %}
|
||||
<a class="button is-light" href="/logout">
|
||||
<strong>Logout</strong>
|
||||
</a>
|
||||
{% else %}
|
||||
<a class="button is-info">
|
||||
<strong>Sign up</strong>
|
||||
</a>
|
||||
<a class="button is-light" href="/oauth/oauth-init">
|
||||
<a class="button is-info" href="/oauth/oauth-init">
|
||||
Log in
|
||||
</a>
|
||||
{% endif %}
|
||||
|
@ -81,10 +90,13 @@
|
|||
</div>
|
||||
</nav>
|
||||
<section class="section">
|
||||
<div id="view">
|
||||
<div style="width: 400px; height: 300px"></div>
|
||||
<div class="container">
|
||||
<div id="view">
|
||||
<div style="width: 400px; height: 300px"></div>
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
{% if user.admin.enabled %}
|
||||
<section class="section">
|
||||
<div class="columns">
|
||||
<div class="column">
|
||||
|
@ -186,6 +198,7 @@
|
|||
</div>
|
||||
</div>
|
||||
</section>
|
||||
{% endif %}
|
||||
<section class="section">
|
||||
<div id="app">
|
||||
<div class="container">
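Review bot: The "Enable admin" / "Disable admin" controls added in the first hunk are plain `<a href="/admin/enable">` links, so flipping admin mode is a state change on GET, which another site can trigger from the admin's browser with a link or image and which anti-forgery middleware does not normally cover. The same applies to the `GET "/admin/enable"` and `GET "/admin/disable"` routes added in the routes file, and to the handler wiring, where `admin-routes` gets `wrap-restricted` but not the `wrap-csrf` that the route group above it has. I would render each toggle as a small `method="post"` form carrying the anti-forgery token, declare the routes with `POST`, and add `(wrap-routes middleware/wrap-csrf)` to the `admin-routes` chain. The `{% if user.admin.enabled %}` wrapper in the later hunks only hides markup; its body lies outside the hunks, so whether the endpoints behind it check the flag server-side cannot be seen here.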
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
(:require [cat.middleware :as middleware]
|
||||
[cat.layout :refer [error-page]]
|
||||
[cat.routes.home :refer [home-routes]]
|
||||
[cat.routes.oauth :refer [oauth-routes]]
|
||||
[cat.routes.oauth :refer [oauth-routes admin-routes]]
|
||||
[compojure.core :refer [routes wrap-routes]]
|
||||
[ring.util.http-response :as response]
|
||||
[compojure.route :as route]
|
||||
|
@ -21,6 +21,8 @@
|
|||
(wrap-routes middleware/wrap-csrf)
|
||||
(wrap-routes middleware/wrap-formats))
|
||||
#'oauth-routes
|
||||
(-> #'admin-routes
|
||||
(wrap-routes middleware/wrap-restricted))
|
||||
(route/not-found
|
||||
(:body
|
||||
(error-page {:status 404
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
[immutant.web.middleware :refer [wrap-session]]
|
||||
[ring.middleware.defaults :refer [site-defaults wrap-defaults]]
|
||||
[buddy.auth.middleware :refer [wrap-authentication wrap-authorization]]
|
||||
[buddy.auth.accessrules :refer [restrict]]
|
||||
[buddy.auth.accessrules :refer [restrict wrap-access-rules]]
|
||||
[buddy.auth :refer [authenticated?]]
|
||||
[buddy.auth.backends.session :refer [session-backend]])
|
||||
(:import))
|
||||
|
|
|
@ -6,9 +6,18 @@
|
|||
[clojure.tools.logging :as log]
|
||||
[cat.moauth :as mo]))
|
||||
|
||||
(def admins #{117 ;flynn
|
||||
})
|
||||
|
||||
(defn set-user! [user session redirect-url]
|
||||
(-> (found redirect-url)
|
||||
(assoc :session (assoc session :user user))))
|
||||
(let [new-session (-> session
|
||||
(assoc :user user)
|
||||
(cond-> (contains? admins (:id user))
|
||||
(->
|
||||
(assoc-in [:user :admin] {:enabled false})
|
||||
(assoc :identity "foo"))))]
|
||||
(-> (found redirect-url)
|
||||
(assoc :session new-session))))
|
||||
|
||||
(defn remove-user! [session redirect-url]
|
||||
(-> (found redirect-url)
|
||||
|
@ -16,7 +25,7 @@
|
|||
|
||||
(defn clear-session! [redirect-url]
|
||||
(-> (found redirect-url)
|
||||
(dissoc :session)))
|
||||
(assoc :session nil)))
|
||||
|
||||
(defn oauth-init
|
||||
"Initiates the Twitter OAuth"
|
||||
|
@ -48,4 +57,10 @@
|
|||
(defroutes oauth-routes
|
||||
(GET "/oauth/oauth-init" req (oauth-init req))
|
||||
(GET "/oauth/oauth-callback" [& req_token :as req] (oauth-callback req_token req))
|
||||
(GET "/logout" req (remove-user! (:session req) "/")))
|
||||
(GET "/logout" req (clear-session! "/")))
|
||||
|
||||
(defroutes admin-routes
|
||||
(GET "/admin/enable" req (-> (found "/")
|
||||
(assoc :session (assoc-in (:session req) [:user :admin :enabled] true))))
|
||||
(GET "/admin/disable" req (-> (found "/")
|
||||
(assoc :session (assoc-in (:session req) [:user :admin :enabled] false)))))
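Review bot: Admin access rests on the constant `(assoc :identity "foo")` in `set-user!`, and neither `/admin/enable` nor `/admin/disable` checks `admins` itself: `assoc-in` will create `[:user :admin :enabled] true` on any session that reaches the route. That is safe only while `wrap-restricted` passes exactly the sessions carrying `:identity` (its definition is not on this page) and no later code sets `:identity` for ordinary users. I would store the real id, `(assoc :identity (:id user))`, and guard the enable route with `(contains? admins (get-in req [:session :user :id]))` so the allow-list is enforced where the flag is set. `set-user!` also builds on the pre-login session map; whether the session id is renewed at login is not visible here.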
|