add auth middleware with :identity key for admin access
parent
661435beb4
commit
f636248dc2
4 changed files with 42 additions and 12 deletions
|
@ -63,15 +63,24 @@
|
||||||
<div class="navbar-end">
|
<div class="navbar-end">
|
||||||
<div class="navbar-item">
|
<div class="navbar-item">
|
||||||
<div class="buttons">
|
<div class="buttons">
|
||||||
|
{% if user.admin %}
|
||||||
|
{% if user.admin.enabled %}
|
||||||
|
<a class="button is-light" href="/admin/disable">
|
||||||
|
<strong>Disable admin</strong>
|
||||||
|
</a>
|
||||||
|
{% else %}
|
||||||
|
<a class="button is-light" href="/admin/enable">
|
||||||
|
<strong>Enable admin</strong>
|
||||||
|
</a>
|
||||||
|
{%endif%}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% if user %}
|
{% if user %}
|
||||||
<a class="button is-light" href="/logout">
|
<a class="button is-light" href="/logout">
|
||||||
<strong>Logout</strong>
|
<strong>Logout</strong>
|
||||||
</a>
|
</a>
|
||||||
{% else %}
|
{% else %}
|
||||||
<a class="button is-info">
|
<a class="button is-info" href="/oauth/oauth-init">
|
||||||
<strong>Sign up</strong>
|
|
||||||
</a>
|
|
||||||
<a class="button is-light" href="/oauth/oauth-init">
|
|
||||||
Log in
|
Log in
|
||||||
</a>
|
</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
@ -81,10 +90,13 @@
|
||||||
</div>
|
</div>
|
||||||
</nav>
|
</nav>
|
||||||
<section class="section">
|
<section class="section">
|
||||||
|
<div class="container">
|
||||||
<div id="view">
|
<div id="view">
|
||||||
<div style="width: 400px; height: 300px"></div>
|
<div style="width: 400px; height: 300px"></div>
|
||||||
</div>
|
</div>
|
||||||
|
</div>
|
||||||
</section>
|
</section>
|
||||||
|
{% if user.admin.enabled %}
|
||||||
<section class="section">
|
<section class="section">
|
||||||
<div class="columns">
|
<div class="columns">
|
||||||
<div class="column">
|
<div class="column">
|
||||||
|
@ -186,6 +198,7 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</section>
|
</section>
|
||||||
|
{% endif %}
|
||||||
<section class="section">
|
<section class="section">
|
||||||
<div id="app">
|
<div id="app">
|
||||||
<div class="container">
|
<div class="container">
|
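Review bot: The `{% if user.admin.enabled %}` guard around the columns section only hides markup, so it is not an access control on its own. The section's contents lie outside these hunks, so any handlers behind its controls should check the same session flag on the server. As a style point, the inner `{%endif%}` is spaced differently from the other tags in this template; `{% endif %}` would match.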
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
(:require [cat.middleware :as middleware]
|
(:require [cat.middleware :as middleware]
|
||||||
[cat.layout :refer [error-page]]
|
[cat.layout :refer [error-page]]
|
||||||
[cat.routes.home :refer [home-routes]]
|
[cat.routes.home :refer [home-routes]]
|
||||||
[cat.routes.oauth :refer [oauth-routes]]
|
[cat.routes.oauth :refer [oauth-routes admin-routes]]
|
||||||
[compojure.core :refer [routes wrap-routes]]
|
[compojure.core :refer [routes wrap-routes]]
|
||||||
[ring.util.http-response :as response]
|
[ring.util.http-response :as response]
|
||||||
[compojure.route :as route]
|
[compojure.route :as route]
|
||||||
|
@ -21,6 +21,8 @@
|
||||||
(wrap-routes middleware/wrap-csrf)
|
(wrap-routes middleware/wrap-csrf)
|
||||||
(wrap-routes middleware/wrap-formats))
|
(wrap-routes middleware/wrap-formats))
|
||||||
#'oauth-routes
|
#'oauth-routes
|
||||||
|
(-> #'admin-routes
|
||||||
|
(wrap-routes middleware/wrap-restricted))
|
||||||
(route/not-found
|
(route/not-found
|
||||||
(:body
|
(:body
|
||||||
(error-page {:status 404
|
(error-page {:status 404
|
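Review bot: `admin-routes` is wrapped only in `middleware/wrap-restricted`, without the `middleware/wrap-csrf` applied to the route group above it, and the routes this commit defines for it are GETs that flip `[:user :admin :enabled]` in the session. Anti-forgery middleware normally does not check GET requests, so a cross-site request made from an admin's browser could toggle admin mode without the admin intending it. I would register the toggles as `POST "/admin/enable"` and `POST "/admin/disable"`, and add `(wrap-routes middleware/wrap-csrf)` to this threading form. What `wrap-restricted` actually tests is not visible on this page, so confirm it checks admin membership and not just the presence of an identity.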
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
[immutant.web.middleware :refer [wrap-session]]
|
[immutant.web.middleware :refer [wrap-session]]
|
||||||
[ring.middleware.defaults :refer [site-defaults wrap-defaults]]
|
[ring.middleware.defaults :refer [site-defaults wrap-defaults]]
|
||||||
[buddy.auth.middleware :refer [wrap-authentication wrap-authorization]]
|
[buddy.auth.middleware :refer [wrap-authentication wrap-authorization]]
|
||||||
[buddy.auth.accessrules :refer [restrict]]
|
[buddy.auth.accessrules :refer [restrict wrap-access-rules]]
|
||||||
[buddy.auth :refer [authenticated?]]
|
[buddy.auth :refer [authenticated?]]
|
||||||
[buddy.auth.backends.session :refer [session-backend]])
|
[buddy.auth.backends.session :refer [session-backend]])
|
||||||
(:import))
|
(:import))
|
||||||
|
|
|
@ -6,9 +6,18 @@
|
||||||
[clojure.tools.logging :as log]
|
[clojure.tools.logging :as log]
|
||||||
[cat.moauth :as mo]))
|
[cat.moauth :as mo]))
|
||||||
|
|
||||||
|
(def admins #{117 ;flynn
|
||||||
|
})
|
||||||
|
|
||||||
(defn set-user! [user session redirect-url]
|
(defn set-user! [user session redirect-url]
|
||||||
|
(let [new-session (-> session
|
||||||
|
(assoc :user user)
|
||||||
|
(cond-> (contains? admins (:id user))
|
||||||
|
(->
|
||||||
|
(assoc-in [:user :admin] {:enabled false})
|
||||||
|
(assoc :identity "foo"))))]
|
||||||
(-> (found redirect-url)
|
(-> (found redirect-url)
|
||||||
(assoc :session (assoc session :user user))))
|
(assoc :session new-session))))
|
||||||
|
|
||||||
(defn remove-user! [session redirect-url]
|
(defn remove-user! [session redirect-url]
|
||||||
(-> (found redirect-url)
|
(-> (found redirect-url)
|
||||||
|
@ -16,7 +25,7 @@
|
||||||
|
|
||||||
(defn clear-session! [redirect-url]
|
(defn clear-session! [redirect-url]
|
||||||
(-> (found redirect-url)
|
(-> (found redirect-url)
|
||||||
(dissoc :session)))
|
(assoc :session nil)))
|
||||||
|
|
||||||
(defn oauth-init
|
(defn oauth-init
|
||||||
"Initiates the Twitter OAuth"
|
"Initiates the Twitter OAuth"
|
||||||
|
@ -48,4 +57,10 @@
|
||||||
(defroutes oauth-routes
|
(defroutes oauth-routes
|
||||||
(GET "/oauth/oauth-init" req (oauth-init req))
|
(GET "/oauth/oauth-init" req (oauth-init req))
|
||||||
(GET "/oauth/oauth-callback" [& req_token :as req] (oauth-callback req_token req))
|
(GET "/oauth/oauth-callback" [& req_token :as req] (oauth-callback req_token req))
|
||||||
(GET "/logout" req (remove-user! (:session req) "/")))
|
(GET "/logout" req (clear-session! "/")))
|
||||||
|
|
||||||
|
(defroutes admin-routes
|
||||||
|
(GET "/admin/enable" req (-> (found "/")
|
||||||
|
(assoc :session (assoc-in (:session req) [:user :admin :enabled] true))))
|
||||||
|
(GET "/admin/disable" req (-> (found "/")
|
||||||
|
(assoc :session (assoc-in (:session req) [:user :admin :enabled] false)))))
|
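Review bot: In `set-user!`, `(assoc :identity "foo")` stores a constant placeholder as the session identity, and only for ids in `admins`. With buddy's session backend, `authenticated?` then effectively means "is an admin", and ordinary logged-in users count as unauthenticated. Setting `(assoc :identity (:id user))` for every user and testing `(contains? admins ...)` in the access rule for `admin-routes` would keep authentication and admin authorization separate. The `admins` set is also hard-coded to id 117; reading it from configuration would avoid a code change for each new admin. The login path reuses the incoming session map, so it is worth confirming that the session id is rotated on login, which is not visible here.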