Skip to content

mischov/shepherd

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits

core

core

 
 

ring

ring

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

project.clj

project.clj

 
 

Repository files navigation

Shepherd

That ain't a Shepherd.

Shepherd provides a solid foundation upon which to build secure Clojure applications.

Contents

Features

Shepherd currently features:

  • Pashword hashing and comparison withBCrypt, SCrypt, and PBKDF2.
  • Hashing with MD5, SHA512, and various other algorithms.
  • HMACing with those same hashing algorithms.
  • Base64 and Hex encoding and decoding.
  • Protocols for Authorization and Authentication workflows.
  • Middleware and basic/example implementations of workflows for Ring apps.

Back To Top ⇧

Libraries

  • shepherd/core - Foundation upon which security solutions can be built.
  • shepherd/ring - Functionality for securing Ring apps.

Back To Top ⇧

Installation

To install one of the above libraries (shepherd/core for example), add the following dependency to your project.clj file:

[shepherd/core "0.0.2"]

To install all of the Shepherd libraries, add:

[shepherd "0.0.2"]

Back To Top ⇧

Why?

Rolling your own security for Clojure apps means fewer people testing your code, less expertise to draw on, and more work for yourself. Unfortunately, the Clojurian tendancy towards composing small, narrowly-purposed libraries means that many times you do have to roll your own.

Clojure's more integrated security libraries - namely Friend, Buddy, and Cylon - are improving this situation, but there is room for further improvement.

  1. Friend and Cylon are relatively focused or rigid in their approaches, but many of the fundamental pieces of these two libraries are similar, and there is room for a more modular library upon which both libraries could be built.

  2. There exist a number of tightly-focused, high-quality libraries - such as crypto-password and pandect - which integrated security libraries should be building on top of. The existing solutions tend towards implementing many of those things themselves.

Shepherd provides an integrated layer upon which further libraries can be built, and is itself built upon existing libraries where possible.

Back To Top ⇧

Status

Shepherd is in early alpha and still being designed.

It is not recommended to use Shepherd in production.

Back To Top ⇧

Quickstart

The workflows in shepherd/ring and the examples would be a good starting place until I can get a proper quickstart together.

Back To Top ⇧

TODO

Shepherd is still very much being implemented. Some upcoming features may include, but are certainly not limited to:

  • Documentation and Tutorials (by which a library lives or dies).
  • More Ring workflows for common functionality like Oauth.
  • (Possibly) Allowing multiple workflows.
  • (Possibly) Component workflows.

If you have any futher suggestions, please contact me or raise an issue.

Back To Top ⇧

License

Copyright © 2014 Mischov

Distributed under the Eclipse Public License.

About

A Clojure security playground. Authentication, authorization, and more.

Resources

Readme

License

EPL-1.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages