duct

m-arch 2021-08-29T08:27:42.004400Z

Hello guys, I am trying to add buddy middleware to authenticate users for a sample site.

{:duct.profile/base 
 {:duct.core/project-ns sot
...
  :duct.middleware.buddy/authentication
  {:backend :jwe
   :realm   "Example"
   :authfn  #ig/ref :sot.handler.test/basic-auth}
  
  :sot.handler.test/basic-auth {}
  
  :duct.router/ataraxy
  {:middleware {:protected #ig/ref :duct.middleware.buddy/authentication}
   :routes {[:get "/"]
             ^:protected [:sot.handler/index]
            "/add-test" {:get ^:protected [:sot.handler.test/view]
                         [:post {add-form :form-params}] [:sot.handler.test/create add-form]}}}
...
} 
...
}
where my authfn is
(defmethod ig/init-key ::basic-auth [_ _]
  (println "Authenticated")
  (fn [request token]
    (println request)
    (println token)
    [::response/bad-request (vi/error-page)]))
I get the "Authenticated" log when i run my app but it is not calling the auth-fn function content at any point. Is there something I am missing ?

2021-08-29T13:09:51.004600Z

I’m not familiar with buddy, but I noticed several things. 1. The (println "Authenticated") line is called when the integrant key is initiated, not authentication. 2. The arity of the authfn does not match the example provided by duct.middleware.buddy https://github.com/duct-framework/middleware.buddy/blob/master/test/duct/middleware/buddy_test.clj#L9

m-arch 2021-08-29T14:48:23.004900Z

@hden yes indeed for both points but still that does not explain why I am not having any output with the authfn whatever I change it to. I changed my function arity, but that did not matter. Anyway I ended up plugging my own authentication process without the use of the buddy middleware , thank you

2021-08-29T14:56:42.005100Z

Perhaps any error thrown when invoking the authfn (e.g. arity mis-match) is interpreted as unauthenticated?

m-arch 2021-08-29T15:54:47.005300Z

no errors nothing i just use the site normally

2021-08-30T00:41:13.005500Z

(Again, I’m not familiar with buddy) Maybe you could pass an on-error handler to :duct.middleware.buddy/authentication? Looks like the default implementation swallows any error thrown from the auth-fn. https://github.com/funcool/buddy-auth/blob/master/src/buddy/auth/backends/token.clj#L67-L73