Open ikitommi opened 9 years ago
Would love a feature like this! :+1:
Also, if this isn't a high priority, having a quick HTTP Basic buddy-auth example in the wiki/README would be fantastic!
Agreed with David, it would be great to have such a feature at hand!
I'll poke the guys I know are using buddy with compojure-api.
Here's a sample of using Buddy: https://gist.github.com/Deraen/ef7f65d7ec26f048e2bb
awesome! We could have an examples folder with standalone projects of these? would need a maintainer thou.
We already have separate example repo (https://github.com/metosin/compojure-api-examples) should we extend that or should we have all examples in this repo? No sense having multiple examples here and single example on another repo.
The reason for having the example in this repo is that it's using the same lein project as the implementation so it makes testing changes easy.
I think we need both types:
external project could have more maintainers (to keep up with versions etc.), embedded examples would be easy to find. Both are right, dunno which is better.
Authenticated Compojure API is an example that works pretty well using Buddy with HTTP Basic and JWT (token) auth. You could build on that or direct people to it. We recently updated it to work with the 1.0.0-SNAPSHOT and @JarrodCTaylor has further enhancement plans.
awesome! didn't know about that. Will add a link to it and read the source to learn out of it.
We seem to be re-implementing a role-based auth with all the projects, via :roles
- restructuring. Thinking of adding those to c-api, doesn't cover how the actual authentication should work, one could use Buddy (or Friend), just how they can be used to guard routes. With 1.0.0, one could also filter swagger-docs based on roles (or by any other access rules), e.g. only only admins see the admin-routes.
I would be happy to have the project linked here. I am very open to feedback and enhancement suggestions as well.
separate namespace
compojure.api.buddy
with registered dispatchers for making it easy to use them from c-api. Something like:EDIT 18.8.2015. Should be security in general. Goes for Ring-Swagger too.