This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2016-07-14
Channels
- # admin-announcements (2)
- # beginners (8)
- # boot (75)
- # clara (2)
- # cljs-dev (3)
- # cljsjs (39)
- # cljsrn (1)
- # clojure (75)
- # clojure-brasil (3)
- # clojure-dusseldorf (13)
- # clojure-gamedev (1)
- # clojure-mexico (1)
- # clojure-quebec (5)
- # clojure-russia (30)
- # clojure-sg (3)
- # clojure-spec (25)
- # clojure-uk (65)
- # clojurescript (36)
- # core-async (1)
- # cursive (15)
- # data-science (6)
- # datomic (38)
- # devcards (29)
- # editors (1)
- # emacs (11)
- # funcool (6)
- # hoplon (43)
- # immutant (48)
- # lambdaisland (2)
- # leiningen (9)
- # mental-health (4)
- # mount (1)
- # numerical-computing (1)
- # off-topic (4)
- # om (19)
- # onyx (1)
- # pedestal (1)
- # proton (1)
- # re-frame (21)
- # reagent (1)
- # specter (8)
- # sql (3)
- # testing (14)
- # untangled (9)
- # yada (31)
@severed-infinity: i'm using buddy's JWT - dyu have some questions ?
https://github.com/juxt/yada/blob/master/dev/src/yada/dev/security.clj uses yada.jwt
namespace
@dominicm: thank you for that link it is along the lines of what I was looking for. @mccraigmccraig: yes I am trying to first off test it through swagger, is it possible with yada? secondly I’ve currently 2 functions in my system that produces yada/resource models register and login with register sending a string value over the line with a user then add it to the system and return a JWT, where as with login I am trying to use the access-control of the resource model as means of authorisation and validation
@severed-infinity: yes - you will need to modify your swagger-ui source a little... take a look at the index.html and compare with this https://www.refheap.com/04cd14052282d2404711ca95b
then the "api-key" of the swagger-ui form will be supplied as the JWT Authorization header
i haven't used the access-control of the resource models yet... i have a custom yada interceptor for authenticated resources
is there any particular file in the project I must modify or the opened webpage each itme?
@severed-infinity: dyu mean in the swagger-ui project ?
I assumed in yada it produces a swagger-ui through possibly the swagger namespace coming on some file, or am I missing something about swagger
yada produces the swagger.json describing the API... swagger-ui is a separate project which parses a swagger.json and lets you interact with the API
ah I did not know that
i bundle the swagger-ui under resources in my api project, and serve it with a bidi route like ["swagger-ui/" (bidi/->ResourcesMaybe {:prefix "swagger-ui/"})]
that way i can modify swagger-ui to use JWT authentication (it's an easy mod - it's designed to be modified to support different auth schemes) and always default to the correct api location
Ah I get you now, just one last thing in regards to yada will it automatically use this customised swagger-ui from the resource folder when using (yada/swaggered) function?
no, it's up to you to serve the swagger-ui ... if you are using bidi for routing and have a vanilla project.clj then the route above will serve it from the resources/swagger-ui
path
ah ok got you
for the lazy, there is also the ring-swagger-ui (`[metosin/ring-swagger-ui "2.1.4-0”]`), has few helpers over the vanilla swagger-ui: one can customize some parts of ui from the backend code with clojure. For example, one can set how the “Authorize” input send info to the backend.
e.g. the :securityDefinitions
of the swagger spec affect the ui. There is an open issue of that in the swagger-ui, labelled won’t be fixed.. :securityDefinitions {:api_key {:type "apiKey", :name "x-api-key", :in "header”}
to get those working, one needs to use the ring.swagger.ui/swagger-ui
ring-route function.
hmmm, i'm trying to get swagger to work, but i think i have made some configuration error somewhere
the swagger.json loads perfectly fine, but i think there's a configuration issue with the ui somewhere, and after about two hours of debugging, i don't know where to look anymore
long story short: for the endpoints where swagger-ui should be listening at, i'm getting internal server errors that last-modified
is not a valid date:
http://qs.lc/hpuka
(afaict, it's the same logic as https://github.com/juxt/edge/blob/master/src/edge/web_server.clj#L41 )