This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2024-01-07
Channels
- # announcements (2)
- # beginners (30)
- # calva (7)
- # cherry (15)
- # clerk (21)
- # clojure (1)
- # clojure-losangeles (12)
- # clojure-norway (1)
- # clojure-spec (3)
- # clojurescript (31)
- # conjure (2)
- # cursive (44)
- # datomic (13)
- # emacs (13)
- # honeysql (15)
- # hyperfiddle (7)
- # malli (2)
- # off-topic (17)
- # overtone (6)
- # reitit (7)
- # ring (58)
- # shadow-cljs (12)
- # squint (14)
- # tools-deps (14)
- # web-security (1)
- # xtdb (29)
I'm trying to implement session auth but for some reason my session cookie is being set automatically when I refresh a page. is this supposed to happen? Also, is the cookie being set automatically by buddy.auth when the :session key is set to a value?
(ns rm.handler
(:require [reitit.ring :as ring]
[ring.middleware.defaults :as defaults]
[ring.middleware.session.cookie :as cookie]
[ring.util.response :as res]
[buddy.auth.backends.session :as session]
[buddy.auth.middleware :as auth-middleware]
[rm.routes.core :as routes]))
(defn default-middleware [cookie-secret]
(fn [handler]
(let [cs (cookie/cookie-store {:key (.getBytes ^String cookie-secret)})
name "rm-session"
attrs {:max-age (* 60 60 24 7) ; 1 week
:http-only true
:same-site :lax}]
(defaults/wrap-defaults handler
(-> defaults/site-defaults
(assoc-in [:session :store] cs)
(assoc-in [:session :cookie-name] name)
(assoc-in [:session :cookie-attrs] attrs))))))
(defn handler [db cookie-secret]
(ring/ring-handler
(ring/router
routes/routes
{:data {:db db
:middleware [#_auth-middleware]}})
(ring/routes
(ring/redirect-trailing-slash-handler)
(ring/create-resource-handler {:path "/"})
(ring/create-default-handler
{:not-found
(constantly (-> {:status 404 :body "page not found"}
(res/content-type "text/html")))
:method-not-allowed
(constantly (-> {:status 405 :body "not allowed"}
(res/content-type "text/html")))
:not-acceptable
(constantly (-> {:status 406 :body "not acceptable"}
(res/content-type "text/html")))}))
{:middleware [(default-middleware cookie-secret)]}))