我使用compojure库通过基本身份验证保护了使用friend创建的几条HTTP路由。它看起来像这样:
(defroutes my-routes
(context "/ctx" []
(GET "/x" [] ...)
(GET "/y" [] ...)
(GET "/z" [] ...)))
(let [friend-auth-cfg {:allow-anon? false
:unauthenticated-handler #(workflows/http-basic-deny "Unauthorized" %)
:workflows [(workflows/http-basic
:credential-fn #(creds/bcrypt-credential-fn {"username" {:password (creds/hash-bcrypt "password")}} %)
:realm "My realm")]}
my-route (-> (wrap-defaults my-routes api-defaults)
(friend/authenticate friend-auth-cfg))]
(run-jetty (routes my-route)))
我想做的是排除" y"路由(/ctx/y
)受基本身份验证保护(但x和z仍应受到保护)。我怎样才能做到这一点?
答案 0 :(得分:2)
我最终将“my-routes”拆分为两部分:
(defroutes protected-routes
(context "/ctx" []
(GET "/x" [] ...)
(GET "/z" [] ...)))
和
(defroutes unprotected-routes
(GET "/ctx/y" [] ...))
仅将friend/authenticate
中间件应用于protected-routes
并将它们最终合并在一起:
(run-jetty (routes my-route))