So here's what I discovered: If I wrap ONLY the www-routes in Friend and remove api-routes entirely, it works. So far, I've tried several combinations of route, handler/api, handler/site and friend and I get incorrect results, most often a null page.
Any ideas on how to wrap both handler/api and handler/site routes in Friend? On Wednesday, August 6, 2014 1:30:45 PM UTC-4, Gary Verhaegen wrote: > > I just checked, with the given code, after I switch the order of > middlewares, a POST to /login gives me a 302 redirect to > /login?&login_failed=Y while a POST with the correct credentials gives me a > 303 to /. > > I'm sorry I cannot explain why, however. > > On Wednesday, 6 August 2014, Gary Verhaegen <[email protected] > <javascript:>> wrote: > >> I was wrong, sorry. Looking at the code for >> c.f.workflows/interactive-form, you can indeed see where it intercepts a >> POST request to the provided :login-uri (lines 84-85 on current master). >> >> Which means I have absolutely no idea why it gives you a 404, except >> maybe if it is related to the other point about the order of middlewares. >> >> Sorry for the confusion. >> >> On Wednesday, 6 August 2014, Jonathon McKitrick <[email protected]> >> wrote: >> >>> I'm confused. None of the examples shown implemented the login POST >>> handler. The docs implied it was already part of the middleware: >>> >>> From https://github.com/cemerick/friend : >>> >>> >>> The example above defines a single workflow — one supporting the POSTing >>> of :username and :password parameters to (by default) /login — which >>> will discover the specified :credential-fn and use it to validate >>> submitted credentials. >>> <<< >>> >>> >>> -- >>> Jonathon McKitrick >>> >>> >>> On Wed, Aug 6, 2014 at 10:46 AM, Gary Verhaegen < >>> [email protected]> wrote: >>> >>>> 1. No, you have to provide it (as a non-protected route, obviously). >>>> 2. The order in which you apply the handler/site and >>>> friend/authenticate middlewares is reversed: friend needs the session (and >>>> others), so it should come "after" (or rather "within") the handler/site >>>> to >>>> work properly (in execution order). >>>> >>>> >>>> On Wednesday, 6 August 2014, Jonathon McKitrick <[email protected]> >>>> wrote: >>>> >>>>> First, the code: >>>>> >>>>> (ns pts.server >>>>> (:use [compojure.core]) >>>>> (:require [ring.adapter.jetty :as jetty] >>>>> [ring.util.response :as response] >>>>> [compojure.handler :as handler] >>>>> [compojure.route :as route] >>>>> [cemerick.friend :as friend] >>>>> (cemerick.friend [workflows :as workflows] >>>>> [credentials :as creds]))) >>>>> >>>>> (defroutes www-routes >>>>> (GET "/locked" [] (friend/authorize #{::admin} "Admin only")) >>>>> (GET "/home" [] (response/file-response "home.html" {:root >>>>> "resources/public"})) >>>>> (GET "/login" [] (response/file-response "login.html" {:root >>>>> "resources/public"})) >>>>> (GET "/" [] (response/redirect "index.html")) >>>>> (route/resources "/") >>>>> (route/not-found "Not Found")) >>>>> >>>>> (def app (handler/site www-routes)) >>>>> >>>>> (def users {"root" {:username "root" >>>>> :password (creds/hash-bcrypt "toor") >>>>> :roles #{::admin}}}) >>>>> >>>>> (def secure-app >>>>> (-> app >>>>> (friend/authenticate {:unauthorized-handler #(response/status >>>>> (response/response "NO") 401) >>>>> :credential-fn (partial >>>>> creds/bcrypt-credential-fn users) >>>>> :workflows >>>>> [(workflows/interactive-form)]}))) >>>>> >>>>> (defn -main [& args] >>>>> (let [port (Integer/parseInt (get (System/getenv) "PORT" "3000"))] >>>>> (jetty/run-jetty secure-app {:port port :join? false}))) >>>>> >>>>> It's dead simple, but 2 major things are not working. >>>>> >>>>> 1. The POST to /login to submit the login form gives a 404 Not >>>>> Found. Isn't the POST handler part of the friend/authenticate middleware? >>>>> 2. Attempts to access the /locked URL throw an exception and a >>>>> stacktrace, rather than calling the unauthorized handler: >>>>> throw+: {:cemerick.friend/required-roles #{:pts.server/admin}, >>>>> :cemerick.friend/exprs ["Admin only"], :cemerick.friend/type >>>>> :unauthorized, >>>>> :cemerick.friend/identity nil} >>>>> >>>>> What am I doing wrong here? >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "Clojure" group. >>>>> To post to this group, send email to [email protected] >>>>> Note that posts from new members are moderated - please be patient >>>>> with your first post. >>>>> To unsubscribe from this group, send email to >>>>> [email protected] >>>>> For more options, visit this group at >>>>> http://groups.google.com/group/clojure?hl=en >>>>> --- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "Clojure" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Clojure" group. >>>> To post to this group, send email to [email protected] >>>> Note that posts from new members are moderated - please be patient with >>>> your first post. >>>> To unsubscribe from this group, send email to >>>> [email protected] >>>> For more options, visit this group at >>>> http://groups.google.com/group/clojure?hl=en >>>> --- >>>> You received this message because you are subscribed to a topic in the >>>> Google Groups "Clojure" group. >>>> To unsubscribe from this topic, visit >>>> https://groups.google.com/d/topic/clojure/yk32Imtd5u8/unsubscribe. >>>> To unsubscribe from this group and all its topics, send an email to >>>> [email protected]. >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Clojure" group. >>> To post to this group, send email to [email protected] >>> Note that posts from new members are moderated - please be patient with >>> your first post. >>> To unsubscribe from this group, send email to >>> [email protected] >>> For more options, visit this group at >>> http://groups.google.com/group/clojure?hl=en >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "Clojure" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to [email protected] Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
