Cannot get Friend to work (login or unauthorized handler)

Wed, 06 Aug 2014 04:22:34 -0700 

First, the code:

(ns pts.server
  (:use [compojure.core])
  (:require [ring.adapter.jetty :as jetty]
            [ring.util.response :as response]
            [compojure.handler :as handler]
            [compojure.route :as route]
            [cemerick.friend :as friend]
            (cemerick.friend [workflows :as workflows]
                             [credentials :as creds])))

(defroutes www-routes
  (GET "/locked" [] (friend/authorize #{::admin} "Admin only"))
  (GET "/home" [] (response/file-response "home.html" {:root 
"resources/public"}))
  (GET "/login" [] (response/file-response "login.html" {:root 
"resources/public"}))
  (GET "/" [] (response/redirect "index.html"))
  (route/resources "/")
  (route/not-found "Not Found"))

(def app (handler/site www-routes))

(def users {"root" {:username "root"
                    :password (creds/hash-bcrypt "toor")
                    :roles #{::admin}}})

(def secure-app
  (-> app
      (friend/authenticate {:unauthorized-handler #(response/status 
(response/response "NO") 401)
                            :credential-fn (partial 
creds/bcrypt-credential-fn users)
                            :workflows [(workflows/interactive-form)]})))

(defn -main [& args]
  (let [port (Integer/parseInt (get (System/getenv) "PORT" "3000"))]
    (jetty/run-jetty secure-app {:port port :join? false})))

It's dead simple, but 2 major things are not working.

1.  The POST to /login to submit the login form gives a 404 Not Found.  
Isn't the POST handler part of the friend/authenticate middleware?
2.  Attempts to access the /locked URL throw an exception and a stacktrace, 
rather than calling the unauthorized handler:
throw+: {:cemerick.friend/required-roles #{:pts.server/admin}, 
:cemerick.friend/exprs ["Admin only"], :cemerick.friend/type :unauthorized, 
:cemerick.friend/identity nil}

What am I doing wrong here?

-- 
You received this message because you are subscribed to the Google
Groups "Clojure" group.
To post to this group, send email to clojure@googlegroups.com
Note that posts from new members are moderated - please be patient with your 
first post.
To unsubscribe from this group, send email to
clojure+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/clojure?hl=en
--- 
You received this message because you are subscribed to the Google Groups 
"Clojure" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to clojure+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to