Fork me on GitHub

@clojer This is where the signup happens: This is the part when a user logs in: These are the rules for authentication / authorization: You can see that they make use of the data you put into the session on login / signup And this is the middleware that checks authorization / authentication according to the defined rules above This is the database code to create a user: I am using buddy for the complete process (auth and encryption of the password) and for access to database. And finally component to create components which are passed down into the functions that need them: I agree that its a bit of work to get that part working, especially when you are new to clojure, as it involves a lot of concepts like components, ring, authentication, db access + plus the general new stuff clojure offers anyway. If you have more questions or some code to show, just go ahead.


Thanks. Mine’s a Luminus app but I may be able to rework some of your Buddy auth code.


@clojer I think luminus uses buddy too, IIRC


@sveri Yes, it does but with code like this layered on top:


… I find it unusable. I mean, you even have to work out for yourself that the missing defmulit is coming from compojure.api.meta


Luminus is otherwise quite nice to use but the auth needs some serious work if it’s to be of any relevance to newcomers.


Can anyone explain in what this means: “The :current-user key will bind the :identity from the request and can be used to access the user identity.” ?


If I submit a form with 2 params - email and password - what is this :identity?


hi @clojer if you look at the example, in the` POST /login`, you’’re jamming the userid into the session. with the :identity key. That in turn makes available in the request chain thanks to the wrap-session middlware. That in turn, allows the restructure-param to grab it and map it to :current-user


But where is the database lookup? There’s no session or identity when the user first logs in.


Not in the request, that is.


right, that’s up to you to implement. You said you used the luminus template to gen the app with posgres or somehting support


you need to create the db-migration, etc that you need to do the checking


also, FYI, @yogthos the guy who created luminus wrote a book “Web development in clojure” which is a pretty good introduction to a lot of this stuff and of course uses luminus