Fork me on GitHub
#duct
<
2018-06-18
>
nyor.tr16:06:27

I'm trying to add authentication to a sample site in duct. I'm using the buddy middleware. I have tried using the buddy.auth.accessrules/restrict function as @weavejester suggested in https://github.com/duct-framework/module.ataraxy/issues/6.

nyor.tr16:06:50

It kind of works, I'm able to login with credentials and restrict pages but I have not found a way to add a custom unauthorized page. Adding a handler to :on-error in the restrict function does not seem to work, (I still see the unauthorized exception page). I have added the following middleware:

clojure
(defmethod ig/init-key ::restrict
  [_ _]
  (fn [handler]
    (-> handler
        (restrict {:handler authenticated? :on-error (ig/ref :otherblog.handler.login/denied)}))))
where the :otherblog.handler.login/denied handler is:
clojure
(defmethod ig/init-key ::denied [_ options]
  (fn [{[_] :ataraxy/result}]
    [::response/bad-request (io/resource "otherblog/handler/login/denied.html")]))
I have included them in the config file as well:
:otherblog.middleware/restrict {}
 ;; ... 
 ;; middleware
 :duct.router/ataraxy
 {:middleware {:session-auth #ig/ref :duct.middleware.buddy/authentication}}

 ;; routes
 :duct.module/ataraxy
 {[:get "/example"]
  ^:restrict ^:session-auth
  [:example/example]

 ;; handlers
 :otherblog.handler.example/example
 {:db #ig/ref :duct.database/sql}

 :otherblog.handler.login/login
 {:db #ig/ref :duct.database/sql}

 :otherblog.handler.login/denied
 {:db #ig/ref :duct.database/sql}

weavejester18:06:12

@nyor.tr You can’t add refs to init-key, since that method is called after references are resolved.

weavejester18:06:28

The latest Integrant alpha version adds prep-key for this purpose.

weavejester18:06:52

You could also add the ref for :on-error via the configuration