naskoap
commented
8 years ago We apply an access rule to restricted pages as follows:
(def app ...
:access-rules [user-page])The user-page function is used to check whether a user is in session. If not, we use the noir.util.route/restricted macro to restrict access to pages:
(POST "/upload" [file] (restricted (handle-upload file)See #7 for more details.
Restrict guests from the ability to access the upload page. Only registered users in session should have this ability. Although there is currently no link to it on the register page, users can hard-code the address: