(wrap-reload) breaks authentication
11 views
Skip to first unread message
thenwithexpandedwingshesteershisflight
Apr 7, 2011, 3:55:04 AM4/7/11
to Sandbar Library
Hi,
I found that using ring's (wrap-reload '[namespace-of-routes-
definition]) in your application routes breaks the form-
authentication. The login form redirects back to the login form
regardless of the outcome. It doesn't matter what order in the ->
threading for your routes you put (wrap-reload) in either. I noticed
that form-authentication-adapter is evaluated many times instead of
once when (wrap-reload) is used. My Clojure skills aren't yet up to
working-out why this is. It only breaks if the namespaced in which the
routes are defined (i.e. similar to core in the example code) is wrap-
reloaded.
I found that using ring's (wrap-reload '[namespace-of-routes-
definition]) in your application routes breaks the form-
authentication. The login form redirects back to the login form
regardless of the outcome. It doesn't matter what order in the ->
threading for your routes you put (wrap-reload) in either. I noticed
that form-authentication-adapter is evaluated many times instead of
once when (wrap-reload) is used. My Clojure skills aren't yet up to
working-out why this is. It only breaks if the namespaced in which the
routes are defined (i.e. similar to core in the example code) is wrap-
reloaded.
Brenton
Apr 7, 2011, 11:43:17 AM4/7/11
to Sandbar Library
When you reload the namespace that contains the call to wrap-session
or wrap-stateful-session you will create a new session.
See:
See https://github.com/mmcgrana/ring/blob/master/ring-core/src/ring/middleware/session/memory.clj
- the memory-store function will be called again and a new atom
created.
There are two ways around this.
1) Don't reload this namespace. Put this part of your app in a
namespace that is not reloaded.
2) Create your own session atom with defonce and pass is as an option
to wrap-session or wrap-stateful session.
Option 2 has the advantage that you can inspect the contents of the
session during development. The key is to use defonce so that the
session will be re-deffed when the namespace is reloaded.
Here is a complete example of doing this:
https://github.com/brentonashworth/sandbar/blob/master/src/examples/sessions/session_with_reload.clj
Good luck,
Brenton
On Apr 7, 12:55 am, thenwithexpandedwingshesteershisflight
or wrap-stateful-session you will create a new session.
See:
See https://github.com/mmcgrana/ring/blob/master/ring-core/src/ring/middleware/session/memory.clj
- the memory-store function will be called again and a new atom
created.
There are two ways around this.
1) Don't reload this namespace. Put this part of your app in a
namespace that is not reloaded.
2) Create your own session atom with defonce and pass is as an option
to wrap-session or wrap-stateful session.
Option 2 has the advantage that you can inspect the contents of the
session during development. The key is to use defonce so that the
session will be re-deffed when the namespace is reloaded.
Here is a complete example of doing this:
https://github.com/brentonashworth/sandbar/blob/master/src/examples/sessions/session_with_reload.clj
Good luck,
Brenton
On Apr 7, 12:55 am, thenwithexpandedwingshesteershisflight
thenwithexpandedwingshesteershisflight
Apr 7, 2011, 8:27:52 PM4/7/11
to Sandbar Library
I get it - thanks!
Reply all
Reply to author
Forward
0 new messages