Clojure的朋友会导致基本身份验证的重定向循环

时间:2017-03-12 19:31:32

标签: clojure friend ring

我正在使用ring compojurefriend来实现玩具应用中的基本密码身份验证。现在我试图实现一个示例,我的响铃服务器在每个浏览器中都会导致重定向循环。

这是我的代码:

(ns kassenclo.handlers
  (:use [ring.util.response]
        [ring.middleware.resource]
        [ring.middleware.params])
  (:require [compojure.core :refer :all]
            [compojure.route :as route]
            [ring.middleware.session :refer [wrap-session]]
            [ring.middleware.keyword-params :refer [wrap-keyword-params]]
            [kassenclo.views :as views]
            [cemerick.friend :as friend]
            [cemerick.friend.workflows :refer [make-auth]]))

(defroutes app
  (GET "/" [] views/tally-view)
  (GET "/inventory" [] (friend/authorize #{::user} views/inventory-view))
  (route/not-found (html [:h1 "This page could not be found, please go back."])))

(defn auth-workflow [request]
  (let [speak (get-in request [:params :speak])
        credential-fn (get-in request [::friend/auth-config :credential-fn])]
    (make-auth (credential-fn speak))))

(defn auth-credential [password]
  (if (= password "pass")
    {:identity password :roles #{::user}}))

(def handler
  (-> app
      (friend/authenticate {:workflows [auth-workflow]
                            :credential-fn auth-credential})
      (wrap-keyword-params)
      (wrap-params)
      (wrap-session)
      (wrap-resource "public")))

简单的调试显示服务器在停止之前在auth-workflowauth-credential之间交替几次。任何人都可以向我指出我所缺少的东西吗?

//编辑: 奇怪的是,这个重定向循环发生在每个路由上,即使在/ friend命令中未使用defroutes的情况下也是如此。

1 个答案:

答案 0 :(得分:0)

我发现make-auth函数包装了身份验证映射,因此它具有正确的表单必须应用于auth-credential 的返回值返回它之前。如果它发生在事后,就像在我的原始帖子朋友拒绝它,我们得到一个身份验证循环。