-
Notifications
You must be signed in to change notification settings - Fork 13
/
auth.clj
34 lines (28 loc) · 1.03 KB
/
auth.clj
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
(ns geheimtur.util.auth
"Namespace that holds authentication/authorization related functions.")
(defn get-identity
"Returns the identity associated with the given request."
[request]
(get-in request [:session ::identity]))
(defn authenticate
"Authenticates the given request/response."
[r identity]
(assoc-in r [:session ::identity] identity))
(defn authenticated?
"Checks if the given request is authenticated."
[request]
(not (nil? (get-identity request))))
(defn authorized?
"Checks if an authenticated request has required roles."
[request required-roles]
(when-let [granted-roles (get-in request [:session ::identity :roles])]
(some granted-roles required-roles)))
(defn logout
"Cleans up the given response of identity information."
[response]
(assoc-in response [:session ::identity] nil))
(defn throw-forbidden
"Throws the access forbbidden exception with [info] content.
Default error type :unauthenticated."
[info]
(throw (ex-info "403 Forbidden" (merge {::type :unauthenticated} info))))