funcool / buddy

Security library for Clojure
Apache License 2.0
827 stars 38 forks source link

Example of token-backend #10

Closed dhruvbhatia closed 10 years ago

dhruvbhatia commented 10 years ago

Hi there,

I'm trying to build an example auth system using Buddy's token-backend authentication middleware.

The documentation says I need to call a auth-fn function: It parses a token and passes it to auth-fn for authentication.

However looking at the src, I don't see the auth-fn function actually being handled by TokenBackend: https://github.com/niwibe/buddy/blob/master/src/clojure/buddy/auth/backends/token.clj#L74

Is this particular backend still a WIP?

johnwalker commented 10 years ago

I suspect that auth-fn refers to authenticate-handler, which can be called with (.authenticate (->TokenBackend .. ) .. ):

https://github.com/niwibe/buddy/blob/master/src/clojure/buddy/auth/backends/token.clj#L55

  (authenticate [_ request token]
    (let [rsq (when authenticate-handler (authenticate-handler request token))]
      (if (response? rsq) rsq
        (assoc request :identity rsq))))
niwinz commented 10 years ago

Hi! Sorry for my late response, I was out of my country without good connectivity.

As @johnwalker said, auth-fn refes to authenticate-handler, and is called in each request after token was parsed.

I will update the documentation to the correct name, thanks.

niwinz commented 10 years ago

The documentation is now updated and I have fixed some inconsistencies in parameters to authentication/authorization constructors.

Thanks!