This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2020-07-24
Channels
- # announcements (2)
- # aws (2)
- # babashka (1)
- # beginners (87)
- # boot (1)
- # calva (42)
- # clj-kondo (18)
- # cljdoc (5)
- # cljsjs (1)
- # cljsrn (1)
- # clojars (16)
- # clojure (222)
- # clojure-dev (30)
- # clojure-europe (17)
- # clojure-gamedev (2)
- # clojure-hungary (10)
- # clojure-italy (6)
- # clojure-nl (21)
- # clojure-spec (9)
- # clojure-uk (111)
- # clojuredesign-podcast (1)
- # clojurescript (99)
- # code-reviews (1)
- # conjure (18)
- # cursive (11)
- # datomic (22)
- # emacs (1)
- # events (3)
- # figwheel-main (3)
- # fulcro (14)
- # graalvm (41)
- # graphql (16)
- # helix (12)
- # juxt (1)
- # kaocha (56)
- # keechma (1)
- # meander (77)
- # observability (1)
- # off-topic (29)
- # pathom (3)
- # re-frame (4)
- # reagent (3)
- # reitit (1)
- # remote-jobs (3)
- # reveal (9)
- # shadow-cljs (45)
- # spacemacs (43)
- # sql (28)
- # tools-deps (14)
- # vim (1)
- # xtdb (26)
- # yada (1)
Good morning!
@synthomat that closest to it might be buddy. But authorization in the web is a huge collection of technologies, thus I think you need to look what serves your particular use case. I recommend anything which doesn't require you to handle passwords, iow. offload authentication and focus on authorization
yeah I’m using friend but that’s more authentication and a tiny bit authorization through roles, isn’t it?
I was referring to something where I can check authorization in handlers, services, etc… permissions, ABAC. I’m obviously coming from Java/Spring space and I was just wondering if something similar exists in clojure world (or whether there are other concepts)
but I guess I will just try out different things in my project and see what fits best 🙃
For authorization in the last projects I made good success with storing the identity and oles in the request context, eventually bind a dynvar and check access in the business logic.
When you want to be more declarative on the handler / route layer you can add required roles to your routes if that's supported by the route library of your choice.
I used friend when creating the lambda island site, but in hindsight should've used buddy. It's much better designed.
@synthomat a little bit of authentication and libraries by the author of yada: https://www.youtube.com/watch?time_continue=1161&v=gMYQ1vDy7d0&feature=emb_logo