All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
wrap-authenticate :allow-anonymous? option: Pass requests through with no identity when no strategy matches, enabling mixed public/authenticated routessession-strategy :verify option: Optional fn to re-validate session identity per request; returning nil skips the strategy (stale session)logout-handler :response-fn option: Zero-arg fn returning a custom Ring response instead of the default 302 redirect, enabling SPA clients to receive meaningful responses from fetch calls. Session is always cleared regardlesswrap-authenticate middleware tries strategies in order, first {:authenticated data} winsAuthorization: Bearer header, hashes token (SHA-256), delegates verification to injected lookup functionwrap-oauth2 wraps ring-oauth2 with landing page interception and session creationdecode-id-token utility for extracting JWT claims without signature verificationwrap-magic-link with HMAC-signed tokens, storage-backed single-use nonces, and constant-time comparisongenerate-token (prefixed, URL-safe), hash-token (SHA-256), token-active? (expiry + revocation check)print-method/print-dup/toString to prevent secret leakage in REPL and logslogout-handler, session-timeout-handler with redirect hinthas-role? predicate on identity datavalidate-config for startup validationCan you improve this documentation?Edit on GitHub
cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |