reitit 2020-07-08 | Slack Archive

Does anyone know an example that shows how authentication & authorization is done with reitit?

Hey. I am busy figuring this out myself at the moment. I decided to go with https://github.com/funcool/buddy-auth. Let me know if you have any questions I can help you answer.

byrongibby10:07:12

I created an example building on a previous one. Not sure if this is the recommended way of doing things, but it works for me. Let me know if it is useful.

byrongibby10:07:31

https://github.com/byrongibby/reitit/tree/master/examples/ring-swagger-buddy-auth

gekkostate12:07:45

I used a combination of this https://luminusweb.com/docs/routes.html. https://adambard.com/blog/clojure-auth-with-buddy/ by Adam Bard and this https://www.reddit.com/r/Clojure/comments/2mjfh6/reagent_web_app_authentication/post.

valtteri18:07:53

#Also sent to the channel

I’m a bit late for the party but I have an open-source example of Buddy & Reitit using old-school middleware. The solution combines http-basic auth and JWT-tokens. Route with http-basic-auth middleware https://github.com/lipas-liikuntapaikat/lipas/blob/master/webapp/src/clj/lipas/backend/handler.clj#L177 Route with token-auth middleware https://github.com/lipas-liikuntapaikat/lipas/blob/master/webapp/src/clj/lipas/backend/handler.clj#L151 Middleware definitions https://github.com/lipas-liikuntapaikat/lipas/blob/master/webapp/src/clj/lipas/backend/middleware.clj Authentication backend definitions https://github.com/lipas-liikuntapaikat/lipas/blob/master/webapp/src/clj/lipas/backend/auth.clj Hope this helps somebody!

👍 15

valtteri10:07:26

I whipped up a PR with annotated example how to use Buddy to implement simple authentication and authorization with reitit. https://github.com/metosin/reitit/pull/419 Feedback is very welcome. 🙂

markbastian20:07:01

I have this route running on localhost and am trying to post a file to it using clj-http.

["/upload" {:post {:summary    "upload an artifact"
                        :parameters {:multipart {:file multipart/temp-file-part}}
                        :handler    (fn [request]
                                      (ok (select-keys
                                            request
                                            [:form-params
                                             :query-params
                                             :path-params
                                             :parameters])))}}]

I've tried a wide variety of permutations of the client invocation. For example, this contains some of the variants:

(let [mp {:name "foo.json" :content (io/file "foo.json")}]
    (->> {:method           :post
          :throw-exceptions false
          :url              ""
          :params           {:file mp}
          :form-params      {:file mp}
          :multipart-params {:file mp}
          :multipart        [mp]
          }
         client/request
         :body
         ch/parse-string))

I keep getting this spec error:

{"spec" "(spec-tools.core/spec {:spec (clojure.spec.alpha/keys :req-un [:spec$47151/file]), :type :map, :leaf? false})",
 "problems" [{"path" [],
              "pred" "(clojure.core/fn [%] (clojure.core/contains? % :file))",
              "val" {},
              "via" [],
              "in" []}],
 "type" "reitit.coercion/request-coercion",
 "coercion" "spec",
 "value" {},
 "in" ["request" "multipart-params"]}

Somehow I need to modify my client request to make the service happy. Any ideas as to what the right client request is? Here is working curl version:

curl -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: application/json' {"type":"formData"} ''

markbastian20:07:43

I think I got it:

(client/request
    {:url       ""
     :method    :post
     :multipart [{:name "file" :content (io/file "foo.json")}]})

I swear I tried that before.

valtteri18:07:53

replied to a thread:Does anyone know an example that shows how authentication & authorization is done with reitit?

I’m a bit late for the party but I have an open-source example of Buddy & Reitit using old-school middleware. The solution combines http-basic auth and JWT-tokens. Route with http-basic-auth middleware https://github.com/lipas-liikuntapaikat/lipas/blob/master/webapp/src/clj/lipas/backend/handler.clj#L177 Route with token-auth middleware https://github.com/lipas-liikuntapaikat/lipas/blob/master/webapp/src/clj/lipas/backend/handler.clj#L151 Middleware definitions https://github.com/lipas-liikuntapaikat/lipas/blob/master/webapp/src/clj/lipas/backend/middleware.clj Authentication backend definitions https://github.com/lipas-liikuntapaikat/lipas/blob/master/webapp/src/clj/lipas/backend/auth.clj Hope this helps somebody!

👍 15

2020-07-08

Channels