Fork me on GitHub

is it possible to have a web app with some routes with “:duct.module.web/site” middleware and some other routes with “:duct.module.web/api” middleware? I’ve tried to set an app with +site +api but the documentation of module.web says you should use one or the other. I’ve also tried to set a middleware through a ataraxy metadata in a route (see, but I am not sure how to pass a list of middlewares to an specific route.


What do you mean by a list of middleware? Just more than one? If you want more than one, here's an example:

{:middleware {:cors #ig/ref :app.middleware/cors
              :auth #ig/ref :app.middleware/auth}
 :routes {"/v1" ^{:cors true
                  :auth true}
          {[:get "/users/" user-id]}}}


Yes, I just wanted to copy the list of middlewares set in module duct.module.web/api in one of my routes.


I was trying to do something like this

{:middleware {:custom-api [(ig/ref :duct.middleware.web/not-found)
                            (ig/ref :duct.middleware.web/format)
                            (ig/ref :duct.middleware.web/defaults)]}
 :routes {"/v1" ^{:custom-api true}
          {[:get "/users/" user-id]}}}


My doubt with the map

^{:cors true
 :auth true}
is that if it respects the order of the keys as it is important when defining the list of middlewares


thanks a lot @UG9U7TPDZ I’ll follow your suggestion and check if the order of the middlewares is respected.


I think it is sorted by key name, but I'm not sure


+site +api should work now, as that was fixed in the template a while ago. The module.web documentation may be out of date.


@U0BKWMG5B how do I tell to a route use “site” middlewares and another use “api” middlewares?


@UG9U7TPDZ thanks, it worked as you mention: they are sorted by key.


@U0BKWMG5B When I use +site +api , the api requests fail with an Invalid anti-forgery token . I’ve just disabled anti-forgery and it works. But still I am not sure what’s the best way to disable it only for api routes.