Fork me on GitHub
#yada
<
2019-02-20
>
Geoffrey Gaillard21:02:27

I'm discovering and assessing yada for a future api project. So far so good. But I don't know how I am supposed to implement a generic middleware/interceptor that can be applied to multiple resources. Some resources should be secured and accessed by administrator only. If I wrap them with a ring middleware they don't appear in swagger anymore. I could make an interceptor but yada documentation is light on this topic. Should I put it in :interceptor-chain? Should I derive yada.yada/default-interceptor-chain, add my interceptor at the correct place?

dominicm21:02:27

@ggaillard the general recommendation on this is to treat your yada resources on data and walk over your bidi structure in order to locate admin routes.

Geoffrey Gaillard21:02:14

Thanks! If I get it right add-admin-auth is supposed to alter the resource map to change the interceptor chain and/or wrap the :authorize function?

dominicm22:02:02

What would you do on an individual yada resource to make it an admin one? I suspect you would set your authorize function yeah

Geoffrey Gaillard22:02:29

Ok make sense. Thank you 🙂

dominicm21:02:03

e.g.

[
["/admin" (clojure.walk/walk add-admin-auth [...])]
["/something-else" ...]
]