A template for web apps with user auth using OWASP best practices and pedestal

[Brandon R]

Hello,

I've recently been working on building a web app with authentication using specific libraries and tooling that I wanted to use. I separated that part out into a separate repo for my own reference later, and for anyone who might find it useful.

https://github.com/bpringe/auth-template

Features:

• user sign up with email address
• email verification via link with token emailed to user
• user login
• user logout
• forgot password / password reset

Tooling:

• clojure cli
• pedestal for the backend service
• java-time for handling time and dates
• postal for sending emails
• yogthos/config for configuration
• next.jdbc for database interaction
• hiccup for rendering html
• buddy-hashers for hashing passwords and checking raw passwords against stored hashes
• hikaricp for database connection pooling
• docker for packaging and deployment
• shadow-cljs for clojurescript compilation

Happy Clojuring,

Brandon