Browse Source

better wrap-fn

master
parent
commit
cd5d9bbf4d
Signed by: Yann Esposito (Yogsototh) <yann.esposito@gmail.com> GPG Key ID: 7B19A4C650D59646
3 changed files with 20 additions and 20 deletions
  1. 10
    12
      README.org
  2. 1
    1
      project.clj
  3. 9
    7
      src/ring_api_key_middleware/core.clj

+ 10
- 12
README.org View File

@@ -19,14 +19,13 @@ wrap your routes with it:
#+BEGIN_SRC clojure
(defn get-auth-from-api-key [token]
(when (= token "secret-api-key")
{:user "user-01"
:groups ["admin-id" "user-id"]
:username "username"
:group-names ["admin" "users"]
:admin true
:auth-type :api-key}))
{:user {:id "user-01" :name "username"}
:groups #{{:id "cisco" :name "Cisco"}}
:roles #{:admin :user}
:auth-type :api-key}))

(def app
(wrap-api-key-auth-fn handler get-auth-from-api-key))
((wrap-api-key-auth-fn get-auth-from-api-key) handler))
#+END_SRC

When configured like this all requests with the header:
@@ -39,11 +38,10 @@ will be modified to be passed to the handler with the new key `:api-key-info`
containing:

#+BEGIN_SRC clojure
{:user "user-01"
:groups ["admin-id" "user-id"]
:username "username"
:group-names ["admin" "users"]
:admin true}
{:user {:id "user-01" :name "username"}
:groups #{{:id "cisco" :name "Cisco"}}
:roles #{:admin :user}
:auth-type :api-key}
#+END_SRC

If the header contain an Authorization header with an unknown `api-key` the

+ 1
- 1
project.clj View File

@@ -1,4 +1,4 @@
(defproject threatgrid/ring-api-key-middleware "0.1.1-SNAPSHOT"
(defproject threatgrid/ring-api-key-middleware "0.1.2"
:description "A simple middleware to deal with API keys Authentication"
:url "http://github.com/threatgrid/ring-api-key-middleware"
:license {:name "Eclipse Public License - v 1.0"

+ 9
- 7
src/ring_api_key_middleware/core.clj View File

@@ -18,10 +18,12 @@

(defn wrap-api-key-fn
"I check "
[handler get-infos]
(fn [request]
(if-let [api-key (get-api-key request)]
(if-let [infos (get-infos api-key)]
(handler (assoc request :api-key-infos infos))
(unauthorized "wrong access key"))
(handler request))))
[get-infos]
(fn
[handler]
(fn [request]
(if-let [api-key (get-api-key request)]
(if-let [infos (get-infos api-key)]
(handler (assoc request :api-key-infos infos))
(unauthorized "wrong access key"))
(handler request)))))

Loading…
Cancel
Save