I do use wrap-defaults already (super nice lib indeed!)
(http/run-server
(-> (routes lagosta-routes)
wrap-user-info ; gets user info (see post above)
(wrap-oauth2 okta-attrs) ; gets tokens
wrap-auth ; checks if there are okta tokens in session, redirects to /login otherwise
(wrap-defaults (-> site-defaults
(assoc-in [:session :cookie-attrs :same-site] :lax))))
{:port 3434})))
wrap-user-info is adding the info to the session, but it’s gone if I switch to another page. This works if the “landing page” where the user is redirected after completing oauth2 responds with
(-> response (assoc-in [:session] session-with-user)) -> then the wrap-user-info middleware just lets the request through without adding anything. Maybe my order is indeed wrong?