Fork me on GitHub
#clojure
<
2021-07-01
>
emccue03:07:13

I've been trying to retrofit friend to accept JWT auth

emccue03:07:23

not having much luck

emccue03:07:00

we just need some token based auth scheme for an app to be able to call protected api routes

emccue03:07:08

has anyone done something similar?

nate sire15:07:43

Oauth2 is good for protecting APIs. You could use a service on AWS. JWT can work with Oauth2. JWT is a way to format the tokens. Oauth is the protocal (directions, standards) for running it.

emccue15:07:02

I am reluctant to touch cognito at this point, partially from echoes of screams from previous coworkers

emccue15:07:24

but it still doesn't really help me significantly at this juncture

emccue15:07:42

like, i can pretty straightforwardly just issue a token based on email/pass

emccue15:07:17

I'm just stuck at making the change to let friend say "let them pass if they have session auth or if they gave a jwt"

emccue03:07:30

it wouldn't be in scope to move to something like buddy unless its required

kennytilton12:07:48

Someone who thought I knew things asked me how to build a Clojure backend for a React/Vue app. ISTR just starting from a Compojure template, but they asked specifically about Luminus and Fulcro. They had kinda figured out that Fulcro was full-stack and otherwise challenging; they are new to Clojure and wanted "easy". So Luminus would get the nod, but are there other good lightweight backends we should be considering? Thx! 🙏

cjmurphy12:07:18

Fulcro is front end only, leaving Pathom to do the back-end work. Fulcro RAD uses Pathom on the back-end. So the lightweight back-end choice in the Fulcro space is really Pathom. I have heard of companies using Pathom as a BE when the FE is Re-frame. Your FE just needs to do EQL (keyword-based) queries.

kennytilton13:07:16

I know what you mean, but I did get an "all-in" feeling reading the Fulcro docs. I guess this sums it up "Fulcro's architecture spans the entire stack..." and "and providing the architecture for managing that model across the entire stack reduces the number of things you have to cope with when solving your real problems.".

nate sire15:07:44

I was playing with Coast on Clojure and Duct. I tried Luminus but it was difficult for me to find docs. Maybe it is better. That was a few years ago.

noisesmith16:07:41

luminus has more comprehensive docs than anything else I know of in its class https://luminusweb.com/docs/guestbook of course you'll usually be looking for docs about the actual libs that luminus gives you

seancorfield17:07:11

I don't think Luminus is really as "easy" as it might appear on first look. Sure, it's a nice, comprehensive template that can create a full-featured project outline but it uses a lot of libraries and has a pretty opinionated structure. Beginners tend to flail as soon as anything goes wrong because there are so many moving parts.

seancorfield17:07:56

I recommend beginners start with just compojure + ring. Compojure-api if they specifically want an API with Swagger support.

kennytilton17:07:14

Agreed on Compojure, and thanks for the heads up on Luminus. My compatriot is a brave and very bright Clojure noob tasked with building a serious production backend, so he may be game for steeper learning curve that gets him where he needs to be faster. I'll give him the options!

emccue18:07:24

personally compojure still confuses me sometimes - if starting from scratch I would prob. point someone to https://github.com/metosin/reitit since it requires less macro understanding

seancorfield19:07:33

That's a good point. I would probably choose reitit now for a new web app, but I haven't used it at all so I don't tend to think of it when folks ask about simply getting started.

cjmurphy23:07:55

@hiskennyness Yeah the 'architecture [of Fulcro] spans the entire stack' (quote copied from https://fulcro.fulcrologic.com/) if you haven't yet introduced EQL and Fulcro RAD (which is where Fulcro starts to use Pathom). Another thing that should probably be said is that Pathom is not necessarily 'server-side'. For example for a Fulcro app against a REST back-end the recommended approach is to put Pathom on the browser (Fulcro's BE just being the default first one: :remote). (Of course with a Vue.js FE Pathom would be on the server).

borkdude12:07:25

@hiskennyness I personally like #yada as well, but it doesn't seem to be actively worked on at the moment. Having said that, it worked well for the last 4 or so years of using it, for me.

4
👀 2
kennytilton17:07:20

Interesting suggestion. Inactive may not be bad if it means "done", and it sounds like it is mature. I have shared that option with my firend. Thx!

nikolavojicic23:07:09

Anybody using https://github.com/metosin/jsonista knows how to read JSON date as date and not as string?

(json/read-value (json/write-value-as-string (java.util.Date.)))
(json/read-value (json/write-value-as-string (java.time.Instant/now)))
(json/read-value (json/write-value-as-string (java.time.LocalDateTime/now)))
(json/read-value (json/write-value-as-string (java.time.OffsetDateTime/now)))
All of these are read as strings. Ofc I can call e.g. java.time.Instant/parse on string but imagine nested JSON object.