This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2022-10-31
Channels
- # aleph (12)
- # announcements (4)
- # asami (7)
- # babashka (20)
- # beginners (92)
- # calva (74)
- # clj-kondo (8)
- # cljdoc (70)
- # clojure (47)
- # clojure-dev (29)
- # clojure-europe (27)
- # clojure-nl (7)
- # clojure-norway (3)
- # clojurescript (7)
- # cursive (2)
- # datomic (1)
- # emacs (8)
- # events (5)
- # fulcro (36)
- # gratitude (4)
- # humbleui (25)
- # introduce-yourself (1)
- # lsp (26)
- # malli (6)
- # missionary (8)
- # nbb (50)
- # off-topic (9)
- # pathom (2)
- # pedestal (3)
- # portal (32)
- # practicalli (5)
- # reitit (5)
- # releases (1)
- # ring (6)
- # shadow-cljs (87)
- # sql (31)
- # tools-deps (26)
- # vim (3)
- # xtdb (15)
How are people doing auth with client side routing? I use buddy on the backend, but I'm navigating using accountant/secretary on the frontend. What's a standard way to control the routing?
There's no standard way. I myself prefer to keep auth out of the SPA part of things. It's more direct, simpler and easier to implement, and works perfectly with any sort of password manager.
To clarify, I mean restricting SPA routes based on session, not handling login on the client side
So I have an index.html that uses Rum and secretary for different routes. I want to restrict /users and I'm not sure manually checking session is a good way to do that or not
Just in case - you can't truly restrict anything on the client side, so I assume you mean simply preventing some routes from being used by accident in your code or something like that.
You gotta restrict /users
on the server side, restrict all the API endpoints that the /users
page uses, and finally, check authorization on the client side - either when accessing that route or when creating the routing table at the very start.
Yes that is what I mean. I wouldn't rely purely on the client
I can recommend https://github.com/keechma/keechma-next (for example https://awardedtenders.au)