tailwind ready
@@ -20,18 +20,18 @@
|
||||
(:jwt-secret env)
|
||||
{:alg :hs512}))
|
||||
|
||||
(defn oauth [{{:strs [code]} :query-params {:strs [host]} :headers}]
|
||||
(defn oauth [{{:strs [code state]} :query-params {:strs [host]} :headers :as request}]
|
||||
(try
|
||||
(let [auth (-> "https://accounts.google.com/o/oauth2/token"
|
||||
(http/post
|
||||
{:form-params {"client_id" google-client-id
|
||||
"client_secret" google-client-secret
|
||||
"code" code
|
||||
"redirect_uri" (str (:scheme env) "://" host "/api/oauth")
|
||||
"grant_type" "authorization_code"}
|
||||
:as :json})
|
||||
(http/post
|
||||
{:form-params {"client_id" google-client-id
|
||||
"client_secret" google-client-secret
|
||||
"code" code
|
||||
"redirect_uri" (str (:scheme env) "://" host "/api/oauth")
|
||||
"grant_type" "authorization_code"}
|
||||
:as :json})
|
||||
:body)
|
||||
|
||||
|
||||
token (:access_token auth)
|
||||
profile (-> (http/get "https://www.googleapis.com/oauth2/v1/userinfo"
|
||||
{:headers {"Authorization" (str "Bearer " token)} :as :json})
|
||||
@@ -54,19 +54,18 @@
|
||||
_ (mu/log ::logged-in-as
|
||||
:auth auth)]
|
||||
;; TODO - these namespaces are not being transmitted/deserialized properly
|
||||
|
||||
|
||||
(if (and token user)
|
||||
(let [jwt (jwt/sign auth
|
||||
(:jwt-secret env)
|
||||
{:alg :hs512})]
|
||||
|
||||
{:status 301
|
||||
:headers {"Location" (str "/?jwt=" jwt)}
|
||||
:headers {"Location" (str (or (not-empty state) "/") "?jwt=" jwt)}
|
||||
:session {:identity (dissoc auth :exp)}})
|
||||
{:status 401
|
||||
:body "Couldn't authenticate"}))
|
||||
(catch Exception e
|
||||
(log/warn e )
|
||||
(log/warn e)
|
||||
{:status 401
|
||||
:body (str "Couldn't authenticate " (.toString e))})))
|
||||
|
||||
|
||||
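Review bot: The new `Location` value `(str (or (not-empty state) "/") "?jwt=" jwt)` uses the `state` query parameter as the redirect target with no validation, so an absolute or protocol-relative value would send the freshly signed JWT to another origin in the query string. Accept only a same-site path before using it, for example `(if (and state (re-matches #"/([^/\\].*)?" state)) state "/")`. A stronger design keeps the return path in the server-side session and uses `state` only as an opaque random value compared against the session, which is its CSRF role in the OAuth flow. A `state` that already carries a query string would also produce a malformed URL once `"?jwt="` is appended. The body of `oauth` continues between the two hunks and is not visible here, so an earlier check on `state` cannot be ruled out.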
@@ -8,30 +8,33 @@
|
||||
(defn wrap-secure [handler]
|
||||
(fn [request]
|
||||
(cond (authenticated? request)
|
||||
(handler request)
|
||||
(handler request)
|
||||
|
||||
(get (:headers request) "hx-request")
|
||||
{:status 401
|
||||
:headers {"hx-redirect" (str "/login?"
|
||||
(url/map->query {"redirect-to" (:uri request)}))}}
|
||||
|
||||
(get (:headers request) "hx-request")
|
||||
{:status 401
|
||||
:headers {"hx-redirect" "/login"}}
|
||||
|
||||
:else
|
||||
{:status 302
|
||||
:headers {"Location" "/login" }})))
|
||||
:else
|
||||
{:status 302
|
||||
:headers {"Location" (str "/login?"
|
||||
(url/map->query {"redirect-to" (:uri request)}))}})))
|
||||
|
||||
(defn wrap-admin [handler]
|
||||
(fn [request]
|
||||
(if (is-admin? (:identity request))
|
||||
(handler request)
|
||||
(do
|
||||
(do
|
||||
(alog/warn ::unauthenticated)
|
||||
{:status 302
|
||||
:headers {"Location" "/login"}}))))
|
||||
:headers {"Location" (str "/login?"
|
||||
(url/map->query {"redirect-to" (:uri request)}))}}))))
|
||||
|
||||
(defn wrap-client-redirect-unauthenticated [handler]
|
||||
(fn [request]
|
||||
(let [response (handler request)]
|
||||
(if (= 401 (get response :status))
|
||||
(-> response
|
||||
(assoc-in [:headers "hx-redirect"] "/login/"))
|
||||
(-> response
|
||||
(assoc-in [:headers "hx-redirect"] (str "/login?"
|
||||
(url/map->query {"redirect-to" (:uri request)}))))
|
||||
response))))
|
||||
|
||||
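Review bot: In `wrap-admin` the non-admin branch now redirects to `/login?redirect-to=<uri>` for every caller who fails `is-admin?`, including users who are already authenticated, and it logs the event as `::unauthenticated`. If the login flow honours `redirect-to` (not visible in this hunk), a signed-in non-admin is sent back to the same admin URI and bounced again. Separating the two cases avoids that and gives a clean authorization-failure signal in the logs: `(cond (is-admin? (:identity request)) (handler request) (authenticated? request) {:status 403 :body "Forbidden"} :else <redirect>)`. Whatever handler reads `redirect-to` should accept only a same-site path, because the parameter can be set by anyone who crafts a login link.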