Okay. One question, what is the point to implement this as middleware? It's
just a request to /login, which checks the credentials against a database
and returns the status as JSON... in my case the HTTP status code will not
change... (200 for success/failure). I thought it was maybe the case to
modify the HTTP headers, e.g. to add a session id, but it seems this is
also possible with normal handlers.
I would see sense in using a middleware to protect resources that need
authentication. But don't see it right now for /login service.
Am Dienstag, 6. Mai 2014 12:56:33 UTC+2 schrieb Erik Bakstad:
>
> You can also pass inn options to wrap-json-body so you don't have to use
> keywordize-keys:
>
> (def app
> (wrap-json-body handler {:keywords? true :bigdecimals? true}))
>
>
> kl. 12:04:10 UTC+2 tirsdag 6. mai 2014 skrev Ivan Schuetz følgende:
>>
>> Thanks. I just found out that my middlewares work, I just had to reorder
>> them like this:
>>
>> (def app
>> (->
>> (handler/api app-routes)
>> (friend/authenticate {:credential-fn (partial
>> creds/bcrypt-credential-fn users)
>> :login-url "/login"
>> :workflows [
>> (ajax-login)
>> ]})
>>
>> (format/wrap-restful-format)
>>
>> (middleware/wrap-json-body)
>> (middleware/wrap-json-params)
>> (middleware/wrap-json-response)
>>
>> )
>> )
>>
>> Now I don't need slurp... still had to change this line in ajax-login,
>> since the format using these middlewares is a bit different:
>>
>> (if-let [{:keys [username password] :as creds} (get-in
>> request [:params :json-params])]
>>
>> with:
>>
>> (if-let [{:keys [username password] :as creds}
>> (clojure.walk/keywordize-keys(:json-params request))]
>>
>>
>>
>>
>>
>>
>> Am Dienstag, 6. Mai 2014 08:03:47 UTC+2 schrieb Erik Bakstad:
>>>
>>> We're using a custom jsonparam-extractor middleware that basically does
>>> this:
>>>
>>> (update-in req [:params] assoc :json-params (read-json (slurp (:body
>>> req)) true))
>>>
>>> I should probably have clarified this, sorry.
>>>
>>> Also, we're not using interactive-form so I haven't tested if the two
>>> workflows work together. It shouldn't be a problem to make them work
>>> together though.
>>>
>>> kl. 02:31:30 UTC+2 tirsdag 6. mai 2014 skrev Ivan Schuetz følgende:
>>>>
>>>> Sorry. I mean accepts the request map as an argument. This map doesn't
>>>> contain the parameters.
>>>>
>>>>
>>>> Am Dienstag, 6. Mai 2014 02:17:52 UTC+2 schrieb Ivan Schuetz:
>>>>>
>>>>> The snippet provided by Eric doesn't use the body... it returns a
>>>>> function that accepts params as argument, but they were not being
>>>>> passed...
>>>>> body was set instead, that's why I added slurp.
>>>>>
>>>>> So maybe there's something wrong with the
>>>>> (middleware/wrap-json-params), because it's evidently not having effect.
>>>>>
>>>>>
>>>>> Am Dienstag, 6. Mai 2014 01:18:54 UTC+2 schrieb Sam Ritchie:
>>>>>>
>>>>>> (middleware/wrap-json-params) slurps the body up completely -
>>>>>> this is a mutation, so you won't be able to access the body again.
>>>>>>
>>>>>> Ivan Schuetz
>>>>>> May 5, 2014 3:49 PM
>>>>>> Concerning the workflow with the ajax-login... for some reason the
>>>>>> middleware to set params with json body of my POST isn't working.
>>>>>>
>>>>>> As a workaround I added this to ajax-login, to parse the params:
>>>>>>
>>>>>> (checore/parse-string (slurp (:body request)) true)
>>>>>>
>>>>>>
>>>>>>
>>>>>> I had also to remove the interactive-form workflow I had... now my
>>>>>> middleware looks like this:
>>>>>>
>>>>>>
>>>>>> (friend/authenticate {:credential-fn (partial
>>>>>> creds/bcrypt-credential-fn users)
>>>>>> :login-url "/login"
>>>>>> :workflows [
>>>>>> (ajax-login)
>>>>>> ]})
>>>>>>
>>>>>>
>>>>>>
>>>>>> I do have the middlewares supposedly responsible for setting :params
>>>>>> ... not idea why this is not being done. This is the complete block:
>>>>>>
>>>>>> (def app
>>>>>> (->
>>>>>> (handler/api app-routes)
>>>>>>
>>>>>> (format/wrap-restful-format)
>>>>>>
>>>>>> (middleware/wrap-json-body)
>>>>>> (middleware/wrap-json-params)
>>>>>> (middleware/wrap-json-response)
>>>>>>
>>>>>> (friend/authenticate {:credential-fn (partial
>>>>>> creds/bcrypt-credential-fn users)
>>>>>> :login-url "/login"
>>>>>> :workflows [
>>>>>> (ajax-login)
>>>>>> ]})
>>>>>>
>>>>>> )
>>>>>> )
>>>>>>
>>>>>> But well, it works for now.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Am Freitag, 25. April 2014 18:53:42 UTC+2 schrieb Ivan Schuetz:
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Clojure" group.
>>>>>> To post to this group, send email to [email protected]
>>>>>> Note that posts from new members are moderated - please be patient
>>>>>> with your first post.
>>>>>> To unsubscribe from this group, send email to
>>>>>> [email protected]
>>>>>> For more options, visit this group at
>>>>>> http://groups.google.com/group/clojure?hl=en
>>>>>> ---
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Clojure" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>> send an email to [email protected].
>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>> Ivan Schuetz
>>>>>> April 25, 2014 10:53 AM
>>>>>> Also I couldn't find which library you're using for "get-headers"
>>>>>> function... or is it a self made one?
>>>>>>
>>>>>> I found a get-headers in ring-servlet...
>>>>>> https://github.com/ring-clojure/ring/tree/master/ring-servlet
>>>>>>
>>>>>> Added this dependency [ring/ring-servlet "1.3.0-beta1"] didn't work
>>>>>>
>>>>>> And also in a netty adapter library
>>>>>> [ring-netty-adapter "0.0.3"]
>>>>>>
>>>>>> Also didn't work... for now I commented this line out, since it's not
>>>>>> necessary to get my curl test working. But it would be nice if you
>>>>>> provide
>>>>>> the dependencies.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Am Donnerstag, 24. April 2014 08:51:29 UTC+2 schrieb Erik Bakstad:
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Clojure" group.
>>>>>> To post to this group, send email to [email protected]
>>>>>> Note that posts from new members are moderated - please be patient
>>>>>> with your first post.
>>>>>> To unsubscribe from this group, send email to
>>>>>> [email protected]
>>>>>> For more options, visit this group at
>>>>>> http://groups.google.com/group/clojure?hl=en
>>>>>> ---
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Clojure" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>> send an email to [email protected].
>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>> Erik Bakstad
>>>>>> April 24, 2014 12:51 AM
>>>>>> Here is an example from our ajax-login form. After reading Sam's
>>>>>> excellent writeup it should be understandable.
>>>>>>
>>>>>> https://gist.github.com/ebaxt/11244031
>>>>>>
>>>>>> kl. 00:28:45 UTC+2 torsdag 24. april 2014 skrev Ivan Schuetz følgende:
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Clojure" group.
>>>>>> To post to this group, send email to [email protected]
>>>>>> Note that posts from new members are moderated - please be patient
>>>>>> with your first post.
>>>>>> To unsubscribe from this group, send email to
>>>>>> [email protected]
>>>>>> For more options, visit this group at
>>>>>> http://groups.google.com/group/clojure?hl=en
>>>>>> ---
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Clojure" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>> send an email to [email protected].
>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>> Ivan Schuetz
>>>>>> April 23, 2014 4:28 PM
>>>>>> Hi,
>>>>>>
>>>>>> I'm trying to get a simple use case running - send a login request to
>>>>>> /login and get success or fail response, preferably in JSON format.
>>>>>>
>>>>>> I followed the example in
>>>>>> https://github.com/cemerick/friend#workflows
>>>>>>
>>>>>>
>>>>>> (def users {"root" {:username "root"
>>>>>> :password (creds/hash-bcrypt "admin_password")
>>>>>> :roles #{::admin}}
>>>>>> "jane" {:username "jane"
>>>>>> :password (creds/hash-bcrypt "test")
>>>>>> :roles #{::user}}})
>>>>>>
>>>>>>
>>>>>> (defroutes app-routes
>>>>>>
>>>>>> (GET "/test" [] {:body {:my-map "helo"}})
>>>>>>
>>>>>> (route/resources "/")
>>>>>>
>>>>>> (route/not-found "Not found"))
>>>>>>
>>>>>> (def app
>>>>>> (->
>>>>>> (handler/api app-routes)
>>>>>> (middleware/wrap-json-body)
>>>>>> (middleware/wrap-json-response)
>>>>>>
>>>>>> (friend/authenticate {:credential-fn (partial
>>>>>> creds/bcrypt-credential-fn users)
>>>>>> :workflows [
>>>>>>
>>>>>> (workflows/interactive-form)]})
>>>>>> )
>>>>>> )
>>>>>>
>>>>>>
>>>>>>
>>>>>> I'm testing with curl:
>>>>>>
>>>>>> curl -v --data "username=jane&password=test"
>>>>>> http://localhost:3000/login
>>>>>>
>>>>>> Or:
>>>>>>
>>>>>> curl -v --request POST "
>>>>>> http://localhost:3000/login?username=jane&password=test";
>>>>>>
>>>>>> And I get:
>>>>>>
>>>>>> * About to connect() to localhost port 3000 (#0)
>>>>>> * Trying ::1...
>>>>>> * connected
>>>>>> * Connected to localhost (::1) port 3000 (#0)
>>>>>> > POST /login?username=jane&password=test HTTP/1.1
>>>>>> > User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0
>>>>>> OpenSSL/0.9.8y zlib/1.2.5
>>>>>> > Host: localhost:3000
>>>>>> > Accept: */*
>>>>>> >
>>>>>> < HTTP/1.1 302 Found
>>>>>> < Date: Wed, 23 Apr 2014 22:25:15 GMT
>>>>>> < Location: http://localhost:3000/login?&login_failed=Y&username=
>>>>>> < Content-Length: 0
>>>>>> < Server: Jetty(7.6.8.v20121106)
>>>>>> <
>>>>>> * Connection #0 to host localhost left intact
>>>>>> * Closing connection #0
>>>>>>
>>>>>>
>>>>>> This looks like authentication failed, but the data is correct. I
>>>>>> reviewed the curl request, and this seems to be the correct way to send
>>>>>> a
>>>>>> POST. But &username= gives me the impression it's not being parsed
>>>>>> correctly.
>>>>>>
>>>>>> Also, how can I get a JSON response instead of only a header?
>>>>>>
>>>>>> Thanks.
>>>>>>
>>>>>> P.S. Maybe it would be positive if this library has an own Google
>>>>>> Group.
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Clojure" group.
>>>>>> To post to this group, send email to [email protected]
>>>>>> Note that posts from new members are moderated - please be patient
>>>>>> with your first post.
>>>>>> To unsubscribe from this group, send email to
>>>>>> [email protected]
>>>>>> For more options, visit this group at
>>>>>> http://groups.google.com/group/clojure?hl=en
>>>>>> ---
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Clojure" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>> send an email to [email protected].
>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Sam Ritchie (@sritchie)
>>>>>> Paddleguru Co-Founder
>>>>>> 703.863.8561
>>>>>> www.paddleguru.com
>>>>>> Twitter <http://twitter.com/paddleguru> //
>>>>>> Facebook<http://facebook.com/paddleguru>
>>>>>>
>>>>>
--
You received this message because you are subscribed to the Google
Groups "Clojure" group.
To post to this group, send email to [email protected]
Note that posts from new members are moderated - please be patient with your
first post.
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/clojure?hl=en
---
You received this message because you are subscribed to the Google Groups
"Clojure" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
