This pull request consists of two commits, the first of which has a couple of changes to improve readability and reduce the number of compiler (reflection) warnings encountered during development, while the second one contains changes to add an authentication endpoint against the Google (OAuth) API.
The included credentials are placeholders and may be used for testing (by changing the users.txt whitelist; each email address on a single line), but eventually need to be replaced with actual credentials created via the Google Developers Console. The format of the configuration file (auth.config) is Clojure EDN, so the file has to contain a single entry {:client-id "foo" :client-secret "bar"}.
The configuration is set up to use the /code endpoint for callbacks, but this can again be changed in the core.clj file (same as other configurable parameters).
Logging is done the same way as in the rest of the application. Session information and authentication actions are logged respectively.
Note that all deployed servers have to be upgraded in order to support the sent CORS headers - the client isn't able to differentiate and deal with old server versions.
A separate pull request for the client side is here.
This pull request consists of two commits, the first of which has a couple of changes to improve readability and reduce the number of compiler (reflection) warnings encountered during development, while the second one contains changes to add an authentication endpoint against the Google (OAuth) API.
The included credentials are placeholders and may be used for testing (by changing the
users.txtwhitelist; each email address on a single line), but eventually need to be replaced with actual credentials created via the Google Developers Console. The format of the configuration file (auth.config) is Clojure EDN, so the file has to contain a single entry{:client-id "foo" :client-secret "bar"}.The configuration is set up to use the
/codeendpoint for callbacks, but this can again be changed in thecore.cljfile (same as other configurable parameters).Logging is done the same way as in the rest of the application. Session information and authentication actions are logged respectively.
Note that all deployed servers have to be upgraded in order to support the sent CORS headers - the client isn't able to differentiate and deal with old server versions.
A separate pull request for the client side is here.