I'm using buddy-auth and following the tutorial, when I run the example application I get a HTTP auth username/password dialog as expected, but in my own app I just get the "Unauthorized" exception, no dialog appears.
;; fn needs to return a non-falsey value to indicate a positive authentication, the returned value is stored under the `:identity` key in the request.
(defn auth-user [request authdata]
(let [username (:username authdata)
password (:password authdata)]
username)) ;; FIXME: lookup username/password
(def auth-backend (http-basic-backend {:realm "MyApp" :authfn auth-user}))
;; my endpoint handler
(defn test-handler [r]
(if (authenticated? r)
(render (str "LOGGED IN" (:identity r)))
(throw-unauthorized)))
;; ROUTES (compojure)
(defroutes app
(GET "/test" [] test-handler))
;; ring handler
(def site
(-> (routes app)
(wrap-authentication auth-backend) ;; <---
(wrap-defaults)
(wrap-with-exception-handling)))
I don't think auth-user
is ever called.
It seems I need (wrap-authorization auth-backend)
too.
(def site
(-> (routes app)
(wrap-authentication auth-backend)
(wrap-authorization auth-backend)
(wrap-defaults)
(wrap-with-exception-handling)))