Hmm... Ok I read
http://sritchie.github.io/2014/01/17/api-authentication-with-liberator-and-friend/
for now I would like to get it working without using Liberator. Probably
I'll add it later. The part explaining the authentication explains a lot
but still couldn't figure out how to implement json login.
I tried Erik's snippet, but it's not complete and I can't figure out how to
use it.
ajax-login is a workflow... right? I tried this:
(def app
(->
(handler/api app-routes)
(middleware/wrap-json-body)
(middleware/wrap-json-response)
(friend/authenticate {:credential-fn (partial
creds/bcrypt-credential-fn users)
:login-url "/login"
:workflows [
;(workflows/http-basic :realm "/")
(workflows/interactive-form)
(ajax-login)
]})
)
)
Then I test with curl:
curl -i -H "content-type: application/json" -X POST -d
"username=jane&password=test" http://localhost:3000/login
And I get again:
HTTP/1.1 302 Found
Date: Fri, 25 Apr 2014 16:47:15 GMT
Location: http://localhost:3000/login?&login_failed=Y&username=
Content-Length: 0
Server: Jetty(7.6.8.v20121106)
So I debugged the parameters passed to the ajax-login...
(println (str "headers: " headers))
(println (str "request-method: " request-method))
(println (str "params: " params))
And I see:
headers: {"user-agent" "curl/7.24.0 (x86_64-apple-darwin12.0)
libcurl/7.24.0 OpenSSL/0.9.8y zlib/1.2.5", "content-type"
"application/json", "content-length" "29", "accept" "*/*", "host"
"localhost:3000"}
request-method: :post
params:
So apparently the post data is not being passed...?
I also tried (randomly) commenting this out
(workflows/interactive-form)
As expected no success, get a different error.
BTW, I'm implementing this for an iOS app not ajax, but it shouldn't make
any difference. Anyway for now I just want it to work with curl.
Thanks for your help.
Am Donnerstag, 24. April 2014 08:51:29 UTC+2 schrieb Erik Bakstad:
>
> Here is an example from our ajax-login form. After reading Sam's excellent
> writeup it should be understandable.
>
> https://gist.github.com/ebaxt/11244031
>
> kl. 00:28:45 UTC+2 torsdag 24. april 2014 skrev Ivan Schuetz følgende:
>>
>> Hi,
>>
>> I'm trying to get a simple use case running - send a login request to
>> /login and get success or fail response, preferably in JSON format.
>>
>> I followed the example in https://github.com/cemerick/friend#workflows
>>
>>
>> (def users {"root" {:username "root"
>> :password (creds/hash-bcrypt "admin_password")
>> :roles #{::admin}}
>> "jane" {:username "jane"
>> :password (creds/hash-bcrypt "test")
>> :roles #{::user}}})
>>
>>
>> (defroutes app-routes
>>
>> (GET "/test" [] {:body {:my-map "helo"}})
>>
>> (route/resources "/")
>>
>> (route/not-found "Not found"))
>>
>> (def app
>> (->
>> (handler/api app-routes)
>> (middleware/wrap-json-body)
>> (middleware/wrap-json-response)
>>
>> (friend/authenticate {:credential-fn (partial
>> creds/bcrypt-credential-fn users)
>> :workflows [
>> (workflows/interactive-form)]})
>> )
>> )
>>
>>
>>
>> I'm testing with curl:
>>
>> curl -v --data "username=jane&password=test" http://localhost:3000/login
>>
>> Or:
>>
>> curl -v --request POST "
>> http://localhost:3000/login?username=jane&password=test";
>>
>> And I get:
>>
>> * About to connect() to localhost port 3000 (#0)
>> * Trying ::1...
>> * connected
>> * Connected to localhost (::1) port 3000 (#0)
>> > POST /login?username=jane&password=test HTTP/1.1
>> > User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0
>> OpenSSL/0.9.8y zlib/1.2.5
>> > Host: localhost:3000
>> > Accept: */*
>> >
>> < HTTP/1.1 302 Found
>> < Date: Wed, 23 Apr 2014 22:25:15 GMT
>> < Location: http://localhost:3000/login?&login_failed=Y&username=
>> < Content-Length: 0
>> < Server: Jetty(7.6.8.v20121106)
>> <
>> * Connection #0 to host localhost left intact
>> * Closing connection #0
>>
>>
>> This looks like authentication failed, but the data is correct. I
>> reviewed the curl request, and this seems to be the correct way to send a
>> POST. But &username= gives me the impression it's not being parsed
>> correctly.
>>
>> Also, how can I get a JSON response instead of only a header?
>>
>> Thanks.
>>
>> P.S. Maybe it would be positive if this library has an own Google Group.
>>
>
--
You received this message because you are subscribed to the Google
Groups "Clojure" group.
To post to this group, send email to [email protected]
Note that posts from new members are moderated - please be patient with your
first post.
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/clojure?hl=en
---
You received this message because you are subscribed to the Google Groups
"Clojure" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
