Prints the actual state map on both :enter and :leave phases.
Executes the function from state's :side-effect key, if there is one. It's often placed between database access and
response, to execute actions based on the database result.
The view interceptor renders the response map based the given state via the provided :view keyword.
Params for resolving the request parameters.
Executes :query and :db-queries keys on :leave phase.
Prints out provided message on :leave and on :enter
Decodes the request and encodes the response based on request's Accept and Content-type headers
On :enter, either injects session-data based on headers, cookies or query params' session-id, or short circuits
execution with invalid or missing session responses.
On :leave updates session storage with session-data from state.
Same as session, except that if session is missing or not provided, creates a new session for :guest
user, with random UUID user-id.
On :enter, decides if the given user (from session-data user role) has permissions for a given action. When no
permission is found, short circuits the execution with :status 403.
On :leave, tightens the database query with given :restriction-fn, if any.
On :enter, performs request parameter wrapping, and validates by given roles.
On :leave, validates the response body with the given malli schema.
Cookie request/response wrapper
On :enter, removes both body and :body-params from GET requests.
This interceptor uses :claims methods of verify-jwt and sign. More on these methods here
On :enter, gets the authorization header from the request and verifies the JWT sent. If its valid, adds the contents
of the JWT to session-data, otherwise assocs the Exception into the error key in state.
On :error, returns a 401 Unauthorized response with the message depending on the ExceptionInfo data present in
the :error key in state.
On :leave does nothing.
This interceptor uses :no-claims methods of verify-jwt and sign. More on these methods here
On :enter, grabs the JWT sent as a body-param in the request and verifies it. If its valid, rewrites the content of
the :body-params key with the contents of the JWT. If validation fails, assocs the Exception to the :error key in
state.
On :leave, signs the contents of the response body and assocs it back to the :body of the response.
On :error, responds 401 Unauthorized.
Can you improve this documentation? These fine people already did:
Krisztian Gulyas, Arthur G Luz, Juan Carlos Teso, Stas Makarov & g-krisztianEdit on GitHub
cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |