Is this the right middleware order to add basic authentication to v3 starter app? (authenticate function just returns username if hard-coded password matches – temporary)
(-> (fn [ring-request] (-> (ring-response/resource-response "index.dev.html" {:root "public/electric_starter_app"}) (ring-response/content-type "text/html")))
(wrap-resource "public/electric_starter_app")
(wrap-content-type)
(electric-ring/wrap-electric-websocket (fn [ring-request] (electric-starter-app.main/electric-boot ring-request)))
(wrap-demo-authentication)
; note no no rejection here for stale Electric client (dev.cljc)
(cookies/wrap-cookies) ; order?
(wrap-params))
I'm seeing the same "username" cookie on two paths (only expect on /).
When I clear the cookies in browser, they come back on reload.whe wrap-demo-authentication is:
(defn wrap-demo-authentication "A Basic Auth example. Accepts any username/password and store the username in a cookie."
[next-handler]
(-> (fn [ring-req]
(let [res (next-handler ring-req)]
(if-let [username (:basic-authentication ring-req)]
(ring-response/set-cookie res "username" username {:http-only true})
res)))
(auth/wrap-basic-authentication authenticate)))The order seem correct. > When I clear the cookies in browser, they come back on reload. Browsers cache basic authentication. So the cookie is set again on refresh. Try in private browsing mode.