/friend-json-workflow

json auth workflow for cemerick/friend

Primary LanguageClojure

friend-json-workflow

Adds support for json session workflow to cemerick's friend library

Usage

see clojars page for install instructions:

https://clojars.org/org.marianoguerra/friend-json-workflow

see here for a complete example using immutant:

https://github.com/marianoguerra/immutant-recipes/tree/master/friend-json-auth

the pieces you need to add it to your app are:

(ns myns.api
  (:use [ring.middleware params keyword-params nested-params])

  (:require
    [cemerick.friend :as friend]
    (cemerick.friend [credentials :as creds])
    [ring.middleware.session :as ring-session]
    [marianoguerra.friend-json-workflow :as json-auth]))

(def api-handler (-> my-api
                     wrap-keyword-params
                     wrap-nested-params
                     wrap-params))

(def secure-app (-> api-handler
                    (friend/authenticate
                      {:login-uri "/myapp/api/session"
                       :unauthorized-handler json-auth/unauthorized-handler
                       :workflows [(json-auth/json-login
                                     :login-uri "/myapp/api/session"
                                     :login-failure-handler json-auth/login-failed
                                     :credential-fn (partial creds/bcrypt-credential-fn logic/get-user-by-username))]})
                    (ring-session/wrap-session)))

you will have to implement logic/get-user-by-username in the example above

  • POST /myapp/api/session with a json body with the credentias will do the login
  • DELETE /myapp/api/session will logout
  • GET /myapp/api/session will return current credentials

License

Copyright © 2013 marianoguerra

Distributed under the Eclipse Public License, the same as Clojure.