Showing
3 changed files
with
32 additions
and
30 deletions.
@@ -1,12 +1,28 @@ | ||
(ns {{name}}.api.user | ||
(:require [compojure.core :refer [defroutes GET]] | ||
[{{name}}.service.security :refer [restricted authenticated?]] | ||
(:require [compojure.core :refer [defroutes ANY]] | ||
[liberator.core :refer [defresource]] | ||
[{{name}}.service.security :refer [authenticated? admin? current-user]] | ||
[{{name}}.service.json :refer [clj->json]])) | ||
|
||
(defn- handle-user | ||
(defresource user | ||
[request] | ||
(clj->json {:user {:username (get-in request [:params :username]) | ||
:role "user"}})) | ||
:allowed-methods [:get :put] | ||
:available-media-types ["application/json"] | ||
:authorized? #(authenticated? (:request %)) | ||
:allowed? (fn [context] | ||
(let [request (:request context) | ||
method (:request-method request)] | ||
(if (= :put method) | ||
(admin? request) | ||
true))) | ||
:handle-ok #(clj->json (current-user (:request %))) | ||
:put! (fn [_] (println "New user"))) | ||
|
||
(defresource user-by-username | ||
:available-media-types ["application/json"] | ||
:authorized? #(authenticated? (:request %)) | ||
:handle-ok #(clj->json {:user {:username (get-in % [:request :params :username])}})) | ||
|
||
(defroutes user-routes | ||
(GET "/user/:username" request (restricted authenticated? handle-user request))) | ||
(ANY "/user" request (user request)) | ||
(ANY "/user/:username" request (user-by-username request))) |
33 changes: 9 additions & 24 deletions
33
src/leiningen/new/lein_api_rest_template/src/service/security.clj
@@ -1,32 +1,17 @@ | ||
(ns {{name}}.service.security | ||
(:require [{{name}}.service.json :refer [clj->json]])) | ||
|
||
(defmacro restricted | ||
"Macro for restricted part of the API. | ||
Takes a predicate function and the handler to execute if predicate is true." | ||
[predicate-fn handler request & args] | ||
`(let [{:keys [~'authorized ~'status ~'message]} (~predicate-fn ~request)] | ||
(if ~'authorized | ||
(~handler ~request ~@args) | ||
{:status ~'status | ||
:headers {} | ||
:body (clj->json {:error ~'message})}))) | ||
|
||
(defn authenticated? | ||
"Sample authentication function. Test if current user is not null." | ||
"Sample authentication function." | ||
[request] | ||
(if true | ||
{:authorized true} | ||
{:authorized false | ||
:status 401 | ||
:message "Authentication required"})) | ||
true) | ||
|
||
(defn admin? | ||
"Sample authorization function. Test if current user it admin." | ||
"Sample admin authorization function." | ||
[request] | ||
false) | ||
|
||
(defn current-user | ||
"Get current user." | ||
[request] | ||
(let [authorized false] | ||
(if authorized | ||
{:authorized true} | ||
{:authorized false | ||
:status 403 | ||
:message "Admin authorization required"}))) | ||
{:user {:username "foo"}}) |
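Review bot: `authenticated?` and `admin?` now return fixed booleans without looking at `request`, and the `:authorized? #(authenticated? (:request %))` hooks in the api.user resources treat that truthy value as a pass, so a project generated from this template accepts every request as authenticated until the stubs are replaced. The new docstrings drop the hint that these are stand-ins; they should say so explicitly, e.g. `"Sample authentication function. Placeholder: always returns true, so every request is treated as authenticated. Replace with a real check before use."` and the mirror wording for `admin?`. If the generated project is meant to fail closed, returning `false` from `authenticated?` would surface the gap immediately instead of silently granting access. `current-user` likewise returns the constant `{:user {:username "foo"}}` regardless of `request`; its docstring should mark it as a placeholder as well.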