This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2020-07-20
Channels
- # announcements (7)
- # babashka (16)
- # beginners (58)
- # boot (12)
- # calva (3)
- # cider (11)
- # clj-kondo (9)
- # cljs-dev (8)
- # clojure (82)
- # clojure-europe (9)
- # clojure-italy (11)
- # clojure-losangeles (1)
- # clojure-nl (8)
- # clojure-uk (8)
- # clojurescript (5)
- # css (2)
- # cursive (5)
- # datomic (20)
- # docker (2)
- # emacs (4)
- # figwheel-main (16)
- # fulcro (53)
- # graalvm (17)
- # jackdaw (2)
- # jobs (4)
- # kaocha (6)
- # lambdaisland (2)
- # luminus (2)
- # meander (1)
- # off-topic (146)
- # re-frame (4)
- # releases (1)
- # rum (12)
- # sci (71)
- # shadow-cljs (26)
- # test-check (22)
- # vim (1)
- # xtdb (9)
@jonathanj you may need to use from buddy.auth.accessrules for this.
;; File: src/some_app/middleware.clj
(defn open-gates [request]
true)
(def rules [{:pattern #"^/admin.*"
:handler admin-access
:redirect "/notauthorized"},
{:pattern #"^\/vclass.*"
:handler user-access
:redirect "/notauthorized"},
{:pattern #"^\/api.*"
:handler open-gates
:redirect "/notauthorized"},
{:pattern #"^/user.*"
:handler authenticated?}])
(defn wrap-base [handler]
(-> ((:middleware defaults) handler)
wrap-auth
(wrap-access-rules {:rules rules :on-error on-error})
(wrap-authentication (session-backend))
wrap-flash
(wrap-defaults
(-> site-defaults
(assoc-in [:security :anti-forgery] false)
(assoc-in [:session :store] (ttl-memory-store (* 60 30)))))
wrap-internal-error))
@nfedyashev Thanks, I did eventually find that and managed to implement a middleware for this. Then I started on the rabbit hole of “why just check roles on the edges of my application” and now I have a couple of tabs about object capability open, so any more recommended reading would be appreciated.