This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2024-01-07
Channels
- # announcements (2)
- # beginners (30)
- # calva (7)
- # cherry (15)
- # clerk (21)
- # clojure (1)
- # clojure-losangeles (12)
- # clojure-norway (1)
- # clojure-spec (3)
- # clojurescript (31)
- # conjure (2)
- # cursive (44)
- # datomic (13)
- # emacs (13)
- # honeysql (15)
- # hyperfiddle (7)
- # malli (2)
- # off-topic (17)
- # overtone (6)
- # reitit (7)
- # ring (58)
- # shadow-cljs (12)
- # squint (14)
- # tools-deps (14)
- # web-security (1)
- # xtdb (29)
In https://github.com/hyperfiddle/electric-xtdb-starter/blob/master/src/user.clj we define user/!xtdb var, which works well for dev setups. In https://github.com/hyperfiddle/electric-starter-app/blob/main/src/prod.clj, you define prod as a separate namespace that just starts jetty. How would you handle a case when in prod we have a need to define such a stateful !xtdb var or e/def?
In my project I have several such stateful objects/vars (for xtdb, graalvm context, playwright browser) which I initialise in user.clj and then later do (binding [!xtdb @(requiring-resolve 'user/!xtdb)])
. How should I approach this in uberjar deployments? Should I create some shared-vars namespace and (alter-var-root #'shared-vars/!xtdb)
from both user.clj and prod.clj? Or alter-var-root does not work well with uberjars?
We have an exemple here. No official support. local-def
was initially built for testing only.
https://github.com/hyperfiddle/electric-fiddle/blob/0c11afadf1374666e502c700be18360fe57f3998/src-dev/fiddle_manager.clj#L168
I have re-thought my strategy for user phone number logins. Rather than write session data to the database, you can simply have the tuple/quadruple
{:phone 777777777 :session "x2345" :expiry 99999999 :signature "signature-made-by-applying-algorithm-to-phone,sesh,expiry-with-your-secret-key-for-making-sigs"}
and then the middleware can simply double check that the signature is valid for the given :phone, sesh, expiry
ta.da.
one drawback being that manually expiring tokens will require some statefulness and that requires a db.
okay my latest and greatest strategy:
do OTP validation in electric app
set cookies in electric app via (set! (.-cookie js/document) (str name "=" value";"))
immediately after, hit the server endpoint which confirms the sig is correct and if not, clears cookies. if good, returns cookies as they are. seems to be effective. time to shower xD