Skip to content
This repository

Setting up basic authentication for parts of your application

Given:

(defn authenticated? [username password]
  ..)

For a compojure setup separate your public and protected routes:

(defroutes public-handler
  (GET ..))

(defroutes protected-handler
  (POST ..))

(defroutes handler
  public-handler
  (wrap-basic-authentication protected-handler authenticated?))

Annoying quirk: adding a not-found route will require authentication..

For a plain ring setup make your own middleware to for instance protect all locations with /protected/ in it:

(defn wrap-guard [app]
  (let [guard (wrap-basic-authentication app authenticated?)]
    (fn [req]
      (if (re-matches #".*/protected/.*" (:uri req))
        (guard req)
        (app req))))
Something went wrong with that request. Please try again.