diff --git a/src/leiningen/new/lein_api_rest_template/project.clj b/src/leiningen/new/lein_api_rest_template/project.clj
index 4708682..b3f597d 100644
--- a/src/leiningen/new/lein_api_rest_template/project.clj
+++ b/src/leiningen/new/lein_api_rest_template/project.clj
@@ -6,6 +6,7 @@
 :dependencies [[org.clojure/clojure "1.6.0"]
 [ring "1.2.2"]
 [compojure "1.1.8"]
+ [liberator "0.11.0"]
 [cheshire "5.3.1"]]
 :profiles {:dev {:dependencies [[org.clojure/tools.namespace "0.2.4"]]
 :source-paths ["dev"]}}
diff --git a/src/leiningen/new/lein_api_rest_template/src/api/user.clj b/src/leiningen/new/lein_api_rest_template/src/api/user.clj
index 7944255..d1c4e62 100644
--- a/src/leiningen/new/lein_api_rest_template/src/api/user.clj
+++ b/src/leiningen/new/lein_api_rest_template/src/api/user.clj
@@ -1,12 +1,28 @@
 (ns {{name}}.api.user
- (:require [compojure.core :refer [defroutes GET]]
- [{{name}}.service.security :refer [restricted authenticated?]]
+ (:require [compojure.core :refer [defroutes ANY]]
+ [liberator.core :refer [defresource]]
+ [{{name}}.service.security :refer [authenticated? admin? current-user]]
 [{{name}}.service.json :refer [clj->json]]))

-(defn- handle-user
+(defresource user
 [request]
- (clj->json {:user {:username (get-in request [:params :username])
- :role "user"}}))
+ :allowed-methods [:get :put]
+ :available-media-types ["application/json"]
+ :authorized? #(authenticated? (:request %))
+ :allowed? (fn [context]
+ (let [request (:request context)
+ method (:request-method request)]
+ (if (= :put method)
+ (admin? request)
+ true)))
+ :handle-ok #(clj->json (current-user (:request %)))
+ :put! (fn [_] (println "New user")))
+
+(defresource user-by-username
+ :available-media-types ["application/json"]
+ :authorized? #(authenticated? (:request %))
+ :handle-ok #(clj->json {:user {:username (get-in % [:request :params :username])}}))

 (defroutes user-routes
- (GET "/user/:username" request (restricted authenticated? handle-user request)))
+ (ANY "/user" request (user request))
+ (ANY "/user/:username" request (user-by-username request)))
diff --git a/src/leiningen/new/lein_api_rest_template/src/service/security.clj b/src/leiningen/new/lein_api_rest_template/src/service/security.clj
index 8b0fc45..8db600a 100644
--- a/src/leiningen/new/lein_api_rest_template/src/service/security.clj
+++ b/src/leiningen/new/lein_api_rest_template/src/service/security.clj
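Review bot: The `:allowed?` decision on the `user` resource in src/api/user.clj permits every method other than PUT, so a method added to `:allowed-methods` later would be open to any authenticated caller without an admin check. Naming the one unprivileged method keeps the default closed: `:allowed? #(or (= :get (get-in % [:request :request-method])) (admin? (:request %)))`. The `[request]` vector after `defresource user` appears to be unused, since the inner `let` rebinds `request` from the context; dropping it would match `user-by-username`.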
@@ -1,32 +1,17 @@
 (ns {{name}}.service.security
 (:require [{{name}}.service.json :refer [clj->json]]))

-(defmacro restricted
- "Macro for restricted part of the API.
- Takes a predicate function and the handler to execute if predicate is true."
- [predicate-fn handler request & args]
- `(let [{:keys [~'authorized ~'status ~'message]} (~predicate-fn ~request)]
- (if ~'authorized
- (~handler ~request ~@args)
- {:status ~'status
- :headers {}
- :body (clj->json {:error ~'message})})))
-
 (defn authenticated?
- "Sample authentication function. Test if current user is not null."
+ "Sample authentication function."
 [request]
- (if true
- {:authorized true}
- {:authorized false
- :status 401
- :message "Authentication required"}))
+ true)

 (defn admin?
- "Sample authorization function. Test if current user it admin."
+ "Sample admin authorization function."
+ [request]
+ false)
+
+(defn current-user
+ "Get current user."
 [request]
- (let [authorized false]
- (if authorized
- {:authorized true}
- {:authorized false
- :status 403
- :message "Admin authorization required"})))
+ {:user {:username "foo"}})
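Review bot: The shortened docstrings on `authenticated?` and `admin?` in src/service/security.clj no longer say what the functions must return, although this commit changes their contract from an `{:authorized …}` map to a plain boolean. That matters with Liberator, where a map returned from a decision function counts as truthy, so an implementation written in the old style (`{:authorized false …}`) would let the request through. `authenticated?` also accepts every request as shipped, so generated projects start with the check open. I would state both in the docstring, e.g. `"Sample authentication function. Return a falsey value to reject the request; this stub accepts everyone and must be replaced."`, and add the matching return contract to `admin?`.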