I’ve been working on a web app in Clojure as a side project, and I’m trying to figure out how to do user authentication and authorization. From the googling I’ve done, I heard about sandbar, but after reading the two blog posts on sandbar (Part 1, Part 2), I left with more questions than answers. I’ve looked at the source code for 4clojure, and from what I can tell, they roll their own; the problem is that the code’s not commented very well, if at all. I’m thinking I need to roll my own system and use either sandbar or noir.session to pass user information around. Could someone please point me in the right direction? I feel like I’m missing something simple.
I had a look at the 4clojure login code and I think it is pretty clear how the implementation works. Basically it is the traditional HTTP authentication. Post user/pwd in a form to a URL, check the username and password, and update the session with the user info, which can be used for further requests to check whether this session is for a valid logged-in user.
This is how most web app authentication works. Now this is the “what to do” part of the situation; for the “how to do” part you can implement it yourself using “primitive” features provided by the web framework, or probably use some middleware that does this for you along with providing some hooks to customize the implementation a bit.
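The flow described in this answer, as an added example that is not part of the original post and is not 4clojure's code. It assumes Ring with its standard `wrap-params` and `wrap-session` middleware; the namespace, handler names, routes, user store, and the choice of PBKDF2 for password hashing are all assumptions made for illustration.

```clojure
(ns example.auth ; hypothetical namespace
  (:require [ring.middleware.params :refer [wrap-params]]
            [ring.middleware.session :refer [wrap-session]]
            [ring.util.response :as resp])
  (:import (java.security MessageDigest SecureRandom)
           (javax.crypto SecretKeyFactory) (javax.crypto.spec PBEKeySpec)))

(defn pbkdf2 [^String password ^bytes salt] ; PBKDF2-HMAC-SHA256, 256-bit output
  (-> (SecretKeyFactory/getInstance "PBKDF2WithHmacSHA256")
      (.generateSecret (PBEKeySpec. (.toCharArray password) salt 600000 256))
      (.getEncoded)))

(defn new-user [password] ; per-user random salt plus derived hash
  (let [salt (byte-array 16)]
    (.nextBytes (SecureRandom.) salt)
    {:salt salt :hash (pbkdf2 password salt)}))

;; Constructed sample store; a real app would load users from its database.
(def users (atom {"alice" (new-user "correct horse battery staple")}))
(def dummy (new-user "unused")) ; hashed for unknown names so timing stays similar

(defn valid-login? [username password]
  (let [{:keys [salt hash] :as rec} (get @users username dummy)]
    (and (MessageDigest/isEqual hash (pbkdf2 (str password) salt)) ; constant-time
         (not (identical? rec dummy)))))

(defn login-handler [{:keys [form-params session]}]
  (if (valid-login? (get form-params "username") (get form-params "password"))
    ;; :recreate makes Ring issue a new session id, preventing session fixation.
    (assoc (resp/redirect "/" 303)
           :session (vary-meta (assoc session :user (get form-params "username"))
                               assoc :recreate true))
    (resp/status (resp/response "Invalid username or password") 401)))

(defn wrap-require-login [handler] ; later requests: trust only the session
  (fn [request]
    (if (get-in request [:session :user])
      (handler request)
      (resp/status (resp/response "Please log in") 401))))

(defn routes [{:keys [request-method uri] :as request}]
  (if (and (= request-method :post) (= uri "/login"))
    (login-handler request)
    ((wrap-require-login
      (fn [req] (resp/response (str "Hello, " (get-in req [:session :user])))))
     request)))

(def app
  (-> routes wrap-params
      (wrap-session {:cookie-attrs {:http-only true :secure true :same-site :lax}})))
```

The `:secure` cookie attribute assumes the app is served over HTTPS; over plain HTTP the browser will not send the session cookie back.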