Fork me on GitHub
#liberator
<
2019-01-17
>
kwladyka10:01:10

Track UI is so cool. Thanks you showed it to me.

kwladyka10:01:49

How can I know decision: authorized? true use :authorized key under the hood?

ordnungswidrig13:01:34

Oh, sorry, I had a typo earlier I always ment to write :authorized?

kwladyka13:01:33

What about fn like :as-response? Are there more of them?

kwladyka13:01:03

I mean this fn is not listed anywhere in Actions, Decisions, Hanlders etc.

kwladyka14:01:46

But fn is useful

kwladyka14:01:43

(resource {:allowed-methods [:post :options]
                       :available-media-types ["application/edn" "application/json"]
                       :handle-options (fn [_]
                                         (ring-response {}))
                       :handle-created (fn [{:keys [request] :as ctx}]
                                         (let [{:keys [params]} request
                                               {:keys [query]} params]
                                           (ring-response
                                             {:status 200
                                              :body (when query (lacinia/execute foo/schema query nil nil))})))
                       :as-response (fn [d ctx]
                                      (-> (as-response d ctx)
                                          (assoc-in [:headers "Access-Control-Allow-Origin"] "*")
                                          (assoc-in [:headers "Access-Control-Allow-Headers"] "Content-Type")))})
Is a way to not do :handle-options which return nothing to add headers in :as-response?

kwladyka14:01:06

without this key, as-reponse is not run 😕

kwladyka14:01:21

because :handle-options is nil

kwladyka15:01:55

I guess it should because :options is in allowed-methods

kwladyka19:01:42

From tests it sounds like :as-response should work without :handle-options

ordnungswidrig20:01:21

@kwladyka I will look into that tomorrow

kwladyka20:01:03

thank, at that moment I have this:

(resource {:allowed-methods [:post :options]
                              :new? false
                              :handle-options (constantly (ring-response {:status 401}))
                              :handle-no-content (fn [{:keys [request] :as ctx}]
                                                   (let [{:keys [params]} request
                                                         {:keys [email password]} params]
                                                     (if-let [uuid (auth/?login->uuid email password)]
                                                       (ring-response {:session {:uuid uuid}})
                                                       (ring-response {:status 401
                                                                       :session nil}))))})
This is the best what I achieved so far

kwladyka20:01:09

I am working on graphql response now

kwladyka21:01:45

(def handler-map
  {:not-found (constantly (not-found "404 not found"))
   ;; authentication - only for web browser users from our domains
   :authentication (resource {:allowed-methods [:post :options]
                              :new? false
                              :handle-options (constantly (ring-response {:status 204}))
                              :handle-no-content (fn [{:keys [request] :as ctx}]
                                                   (let [{:keys [params]} request
                                                         {:keys [email password]} params]
                                                     (if-let [uuid (auth/?login->uuid email password)]
                                                       (ring-response {:session {:uuid uuid}})
                                                       (ring-response {:status 401
                                                                       :session nil}))))})
   ;; public API, authentication and authorization by token or session
   :graphql (resource {:allowed-methods [:post :options]
                       :available-media-types ["application/edn" "application/json"]
                       :handle-options (constantly (ring-response {:status 204}))
                       :authorized? (fn [{:keys [request] :as ctx}]
                                      (let [{:keys [session headers]} request
                                            {:keys [uuid]} session
                                            {:strs [authorization]} headers
                                            token (some->> authorization
                                                           (re-matches #"(?i)Bearer\s([\d|a-f]{8}-(?:[\d|a-f]{4}-){3}[\d|a-f]{12})")
                                                           (second))]
                                        (or (auth/?token->uuid token)
                                            (auth/uuid-exist? uuid))))
                       :new? false
                       :respond-with-entity? true
                       :handle-ok (fn [{:keys [request] :as ctx}]
                                    (let [{:keys [params]} request
                                          {:keys [query]} params]
                                      (ring-response
                                        {:body (when query (lacinia/execute graphql/schema query nil nil))})))
                       :as-response (fn [d ctx]
                                      (-> (as-response d ctx)
                                          (assoc-in [:headers "Access-Control-Allow-Origin"] "*")
                                          (assoc-in [:headers "Access-Control-Allow-Headers"] "Content-Type")))})})
I did progress

kwladyka21:01:28

But probably I will have to move :authorized? to :handle-ok, because I have to get this token once again there or get uuid from session

kwladyka21:01:04

Unless there is a way to inject uuid to :handle-ok