Fork me on GitHub

Follow-up to my body-params question earlier: where do body-params get merged with the request? My dummied tests ran fine but I've discovered that using the Swagger UI causes a validation error.


@mrchance I use Buddy access rules, which pattern-match the request path. That could straightforwardly block unauth'd access to the entire API.


@daveliepmann Thanks for the reply, I ended up writing it myself since we already have all the rest of the infrastructure in place, but the solution is similar to how buddy seems to handle it


I suspect it is happening somewhere in the thicket of middleware, which I'd turned off for other reasons.


@mrchance hi, about the mw order. You could set your mw inside the api. with 1.2.0-alpha3, there is the :mw key in api, e.g. (api {:mw [my-auth-verifier]} …). It would not see coercion errors as they are thrown from handlers and caught my the api-middleware, so a 400 would be returned if the data was ill.


@daveliepmann to read the body-params, you should have some http-body-formatting library installed (which reads the body-stream and populates the body-params out of it). The api-middleware uses Muuntaja to do this. If you disable the api-middleware, you have to put a formatting middleware into the mw-chain yourself. There is the (used by pre 1.2.0) and (1.2.0+).


your code should run smoothly with either one.