I'm definitely up for that, if I knew about buddy I wouldn't have started the lib in the first place. :) I found friend to be a bit too complex for what I needed in the apps I was writing as well. I originally added the access restriction logic to lib-noir, but recently I started considering deprecating it in favor of standalone libraries for all the functionality that it bundles. Buddy looks like a perfect solution for web app security.
I only see a couple of small differences in functionality. Buddy requires a handler function, while I opted for allowing a static redirect URI as an alternative. I allow specifying a vector of uri patterns for each set of rules. I'm also using Clout (https://github.com/weavejester/clout) for request matching instead of plain regex. All of these are very minor differences however. I think I'll be moving Luminus over to use Buddy instead lib-noir for security. :) On Tuesday, December 9, 2014 4:13:44 PM UTC-5, Andrey Antukh wrote: > > Would be awesome join forces, and If you miss something that you library > is already support, let me know, and we can integrate it in buddy. > > I have made buddy because I'm little frustrate with friend approach (is > good but not convinced me). > > Regards. > Andrey > > 2014-12-09 21:30 GMT+01:00 Dmitri <[email protected] <javascript:>>: > >> That does look rather similar actually, and it looks like buddy does a >> lot more as well. I guess that validates the approach, I'll have to see if >> it fits all my use cases. :) >> >> On Tuesday, December 9, 2014 2:43:42 PM UTC-5, Andrey Antukh wrote: >>> >>> Hi Dmitri! >>> >>> If I understand it well, is a very similar system already implemented in >>> buddy: http://niwibe.github.io/buddy/#_access_rules_system >>> <http://www.google.com/url?q=http%3A%2F%2Fniwibe.github.io%2Fbuddy%2F%23_access_rules_system&sa=D&sntz=1&usg=AFQjCNFhCj_anD1ohvV4MbWGgBmSj3OGng> >>> >>> >>> Regards. >>> Andrey. >>> >>> 2014-12-09 19:11 GMT+01:00 Dmitri <[email protected]>: >>> >>>> https://github.com/yogthos/ring-access-rules >>>> >>>> Friend is a great library, but it's definitely not easy to get into and >>>> I found it can actually make the workflow logic difficult to follow in >>>> some >>>> cases. >>>> >>>> My experience has been that for apps I work on all I want is to apply a >>>> decision function to a route to see if it should be accessible. The >>>> decision logic really tends to be application specific. It's easy to write >>>> a custom access control function for a specific scenario, but it's >>>> difficult to make a generic one that works well for any scenario. This >>>> library provides a simple way to associate access control functions with >>>> routes and leaves the workflow up to the user. >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Clojure" group. >>>> To post to this group, send email to [email protected] >>>> Note that posts from new members are moderated - please be patient with >>>> your first post. >>>> To unsubscribe from this group, send email to >>>> [email protected] >>>> For more options, visit this group at >>>> http://groups.google.com/group/clojure?hl=en >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "Clojure" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> >>> >>> -- >>> Andrey Antukh - Андрей Антух - <[email protected]> / < >>> [email protected]> >>> http://www.niwi.be <http://www.niwi.be/page/about/> >>> https://github.com/niwibe >>> >> -- >> You received this message because you are subscribed to the Google >> Groups "Clojure" group. >> To post to this group, send email to [email protected] >> <javascript:> >> Note that posts from new members are moderated - please be patient with >> your first post. >> To unsubscribe from this group, send email to >> [email protected] <javascript:> >> For more options, visit this group at >> http://groups.google.com/group/clojure?hl=en >> --- >> You received this message because you are subscribed to the Google Groups >> "Clojure" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > Andrey Antukh - Андрей Антух - <[email protected] <javascript:>> / < > [email protected] <javascript:>> > http://www.niwi.be <http://www.niwi.be/page/about/> > https://github.com/niwibe > -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to [email protected] Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
