与朋友一起从 Compojure 中的身份验证中排除路由?
Exclude route from authentication in Compojure with friend?
我正在保护使用 compojure by basic authentication using the friend 库创建的几个 HTTP 路由。它看起来像这样:
(defroutes my-routes
(context "/ctx" []
(GET "/x" [] ...)
(GET "/y" [] ...)
(GET "/z" [] ...)))
(let [friend-auth-cfg {:allow-anon? false
:unauthenticated-handler #(workflows/http-basic-deny "Unauthorized" %)
:workflows [(workflows/http-basic
:credential-fn #(creds/bcrypt-credential-fn {"username" {:password (creds/hash-bcrypt "password")}} %)
:realm "My realm")]}
my-route (-> (wrap-defaults my-routes api-defaults)
(friend/authenticate friend-auth-cfg))]
(run-jetty (routes my-route)))
我想做的是将 "y" 路由 (/ctx/y) 排除在基本身份验证保护之外(但 x 和 z 仍应受到保护)。我怎样才能做到这一点?
我最终将 "my-routes" 分成两部分:
(defroutes protected-routes
(context "/ctx" []
(GET "/x" [] ...)
(GET "/z" [] ...)))
和:
(defroutes unprotected-routes
(GET "/ctx/y" [] ...))
并且仅将 friend/authenticate 中间件应用于 protected-routes 并最终像这样将它们合并在一起:
(run-jetty (routes my-route))
我正在保护使用 compojure by basic authentication using the friend 库创建的几个 HTTP 路由。它看起来像这样:
(defroutes my-routes
(context "/ctx" []
(GET "/x" [] ...)
(GET "/y" [] ...)
(GET "/z" [] ...)))
(let [friend-auth-cfg {:allow-anon? false
:unauthenticated-handler #(workflows/http-basic-deny "Unauthorized" %)
:workflows [(workflows/http-basic
:credential-fn #(creds/bcrypt-credential-fn {"username" {:password (creds/hash-bcrypt "password")}} %)
:realm "My realm")]}
my-route (-> (wrap-defaults my-routes api-defaults)
(friend/authenticate friend-auth-cfg))]
(run-jetty (routes my-route)))
我想做的是将 "y" 路由 (/ctx/y) 排除在基本身份验证保护之外(但 x 和 z 仍应受到保护)。我怎样才能做到这一点?
我最终将 "my-routes" 分成两部分:
(defroutes protected-routes
(context "/ctx" []
(GET "/x" [] ...)
(GET "/z" [] ...)))
和:
(defroutes unprotected-routes
(GET "/ctx/y" [] ...))
并且仅将 friend/authenticate 中间件应用于 protected-routes 并最终像这样将它们合并在一起:
(run-jetty (routes my-route))