我正在使用ring compojure和friend来实现玩具应用中的基本密码身份验证。现在我试图实现一个示例,我的响铃服务器在每个浏览器中都会导致重定向循环。
这是我的代码:
(ns kassenclo.handlers
(:use [ring.util.response]
[ring.middleware.resource]
[ring.middleware.params])
(:require [compojure.core :refer :all]
[compojure.route :as route]
[ring.middleware.session :refer [wrap-session]]
[ring.middleware.keyword-params :refer [wrap-keyword-params]]
[kassenclo.views :as views]
[cemerick.friend :as friend]
[cemerick.friend.workflows :refer [make-auth]]))
(defroutes app
(GET "/" [] views/tally-view)
(GET "/inventory" [] (friend/authorize #{::user} views/inventory-view))
(route/not-found (html [:h1 "This page could not be found, please go back."])))
(defn auth-workflow [request]
(let [speak (get-in request [:params :speak])
credential-fn (get-in request [::friend/auth-config :credential-fn])]
(make-auth (credential-fn speak))))
(defn auth-credential [password]
(if (= password "pass")
{:identity password :roles #{::user}}))
(def handler
(-> app
(friend/authenticate {:workflows [auth-workflow]
:credential-fn auth-credential})
(wrap-keyword-params)
(wrap-params)
(wrap-session)
(wrap-resource "public")))
简单的调试显示服务器在停止之前在auth-workflow和auth-credential之间交替几次。任何人都可以向我指出我所缺少的东西吗?
//编辑:
奇怪的是,这个重定向循环发生在每个路由上,即使在/ friend命令中未使用defroutes的情况下也是如此。
答案 0 :(得分:0)
我发现make-auth函数包装了身份验证映射,因此它具有正确的表单必须应用于auth-credential 的返回值返回它之前。如果它发生在事后,就像在我的原始帖子朋友拒绝它,我们得到一个身份验证循环。