diff options
author | Matthias Andreas Benkard <code@mail.matthias.benkard.de> | 2012-02-29 22:45:24 +0100 |
---|---|---|
committer | Matthias Andreas Benkard <code@mail.matthias.benkard.de> | 2012-02-29 22:45:24 +0100 |
commit | 30515c14a029c140a82729962b06eecac1745f11 (patch) | |
tree | c823bc018faa30651481aee7d092d5150870dc28 /src/mulk/benki/main.clj | |
parent | c36256cb55640fbe452198831cb21cdeb4c570b9 (diff) |
Book Marx: Implement support for page-specific authentication tokens.
Diffstat (limited to 'src/mulk/benki/main.clj')
-rw-r--r-- | src/mulk/benki/main.clj | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/src/mulk/benki/main.clj b/src/mulk/benki/main.clj index 169b60b..7ec01ec 100644 --- a/src/mulk/benki/main.clj +++ b/src/mulk/benki/main.clj @@ -3,11 +3,14 @@ (:use [clojure core repl pprint] noir.core [hiccup core page-helpers] - [mulk.benki util config]) + [mulk.benki util config db]) (:require [noir server options] [mulk.benki wiki auth book_marx] [ring.middleware.file] - [noir.session :as session])) + [noir.session :as session] + [noir.request :as request] + [clojure.java.jdbc :as sql]) + (:import [java.math BigDecimal BigInteger])) (defn wrap-utf-8 [handler] @@ -37,9 +40,24 @@ ;; (is must-revalidate even valid for server responses?) )))) +(defn wrap-auth-token [handler] + (fn [request] + (binding [*user* + (or (when-let [key (get-in request [:params :auth])] + (with-dbt + (sql/with-query-results results + ["SELECT \"user\" AS uid FROM page_keys + WHERE page = ? AND \"key\" = ?" + (:uri request) + (BigDecimal. (BigInteger. key 36))] + (:uid (first results))))) + (session/get :user))] + (handler request)))) + (do-once ::init (noir.server/add-middleware #(wrap-utf-8 %)) (noir.server/add-middleware #(wrap-base-uri %)) + (noir.server/add-middleware #(wrap-auth-token %)) (noir.server/add-middleware #(wrap-cache-control %)) (noir.server/add-middleware #(ring.middleware.file/wrap-file % "static"))) |