在朋友中排除Compojure中的身份验证路由?

时间:2015-12-17 13:49:46

标签: clojure basic-authentication compojure

我使用compojure库通过基本身份验证保护了使用friend创建的几条HTTP路由。它看起来像这样:

(defroutes my-routes
             (context "/ctx" []
                      (GET "/x" [] ...)
                      (GET "/y" [] ...)
                      (GET "/z" [] ...)))

(let [friend-auth-cfg {:allow-anon?             false
                       :unauthenticated-handler #(workflows/http-basic-deny "Unauthorized" %)
                       :workflows               [(workflows/http-basic
                                                   :credential-fn #(creds/bcrypt-credential-fn {"username" {:password (creds/hash-bcrypt "password")}} %)
                                                   :realm "My realm")]}
      my-route (-> (wrap-defaults my-routes api-defaults)
                   (friend/authenticate friend-auth-cfg))]
   (run-jetty (routes my-route)))

我想做的是排除" y"路由(/ctx/y)受基本身份验证保护(但x和z仍应受到保护)。我怎样才能做到这一点?

1 个答案:

答案 0 :(得分:2)

我最终将“my-routes”拆分为两部分:

(defroutes protected-routes
             (context "/ctx" []
                      (GET "/x" [] ...)
                      (GET "/z" [] ...)))

(defroutes unprotected-routes
             (GET "/ctx/y" [] ...))

仅将friend/authenticate中间件应用于protected-routes并将它们最终合并在一起:

(run-jetty (routes my-route))