Implements a Rook middleware that you can use to apply authorization handlers to your endpoints.
This is a library for Rook 1.x series, not the newer Rook 2.x that is a plugin for the Pedestal framework.
One function is exposed, make-access-rules-middleware
. It accepts one argument,
which is an error handler for buddy-auth authorization failures. The signature
of this function is as such:
(defn my-handler [request rejected-val]
;; Do something appropriate
(-> "I'm sorry Dave" r/response (r/status 401)))
Access rules handlers take the request as an argument and return a success or error marker record.
(defn my-access-rule-handler [request]
;; always authorize
(accessrules/success))
Access rules can choose to reject with a value, (accessrules/error 42)
. This
value becomes available inside the error handler as rejected-val
.
Add it to your Rook namespace handler configuration thusly:
(ns something
(:require [solasistim.rook-middleware-access-rules
:refer [make-access-rule-middleware]]))
(rook/namespace-handler
{:default-middleware (make-access-rule-middleware error-handler)}
['solasistim.rook-middleware-access-rules.target-test-ns]))
Now set up your endpoint handlers as usual, but provide :access-rule
key in
their metadata, which should be either a plain function or a map.
Copyright © 2017 David Banks, LGPLv3