yogsototh/ring-api-key-middleware
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

better wrap-fn

Browse source
This commit is contained in:
Yann Esposito (Yogsototh) 2017-11-07 17:07:53 +01:00
parent b3c8160a55
commit cd5d9bbf4d
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646
3 changed files with 20 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
README.org
View file

@ -19,14 +19,13 @@ wrap your routes with it:
#+BEGIN_SRC clojure
(defn get-auth-from-api-key [token]
(when (= token "secret-api-key")
{:user "user-01"
:groups ["admin-id" "user-id"]
:username "username"
:group-names ["admin" "users"]
:admin true
:auth-type :api-key}))
{:user {:id "user-01" :name "username"}
:groups #{{:id "cisco" :name "Cisco"}}
:roles #{:admin :user}
:auth-type :api-key}))
(def app
(wrap-api-key-auth-fn handler get-auth-from-api-key))
((wrap-api-key-auth-fn get-auth-from-api-key) handler))
#+END_SRC
When configured like this all requests with the header:
@ -39,11 +38,10 @@ will be modified to be passed to the handler with the new key `:api-key-info`
containing:
#+BEGIN_SRC clojure
{:user "user-01"
:groups ["admin-id" "user-id"]
:username "username"
:group-names ["admin" "users"]
:admin true}
{:user {:id "user-01" :name "username"}
:groups #{{:id "cisco" :name "Cisco"}}
:roles #{:admin :user}
:auth-type :api-key}
#+END_SRC
If the header contain an Authorization header with an unknown `api-key` the

2
project.clj
View file

@ -1,4 +1,4 @@
(defproject threatgrid/ring-api-key-middleware "0.1.1-SNAPSHOT"
(defproject threatgrid/ring-api-key-middleware "0.1.2"
:description "A simple middleware to deal with API keys Authentication"
:url "http://github.com/threatgrid/ring-api-key-middleware"
:license {:name "Eclipse Public License - v 1.0"

16
src/ring_api_key_middleware/core.clj
View file

@ -18,10 +18,12 @@
(defn wrap-api-key-fn
"I check "
[handler get-infos]
(fn [request]
(if-let [api-key (get-api-key request)]
(if-let [infos (get-infos api-key)]
(handler (assoc request :api-key-infos infos))
(unauthorized "wrong access key"))
(handler request))))
[get-infos]
(fn
[handler]
(fn [request]
(if-let [api-key (get-api-key request)]
(if-let [infos (get-infos api-key)]
(handler (assoc request :api-key-infos infos))
(unauthorized "wrong access key"))
(handler request)))))