Rather than looking at session changes (which may not capture all authentications, e.g. requests carrying HTTP Basic creds), why not a utility that composes workflow fns, squirting authentication events out the side? Your app is entirely responsible for logouts (you're either calling friend/logout*, or using friend/logout middleware), so that should be trivial to do without touching the session as well.
Cheers, - Chas On Jun 28, 2013, at 4:25 AM, Steve Buikhuizen wrote: > I'll answer my own question here for future reference value. > > I found a much cleaner way was to create a wrapper type (deftype) for the > ring session store impl. It is a simple delegating wrapper but it sees the > correct cookies, regardless of the servlet container. > > It has the disadvantage of not having access to the ring request so recording > user-agent etc is not possible. I solved this by using middleware to record > that in a subsequent request. > > Here's what the wrapper looks like, feedback is welcome if you have it... > > (deftype SessionStoreWrapper [store] > > rss/SessionStore > > (read-session [_ session-key] > > (rss/read-session store session-key)) > > (write-session [_ session-key data] > > (let [key-written (rss/write-session store session-key data)] > > ;; ::session-recorded means middleware below has upserted user-agent, > ip-address etc > > (when (and (not (::session-attributes-recorded data)) > (:cemerick.friend/identity data)) > > (let [current-auth (get-in data [:cemerick.friend/identity :current]) > > user-id (get-in data [:cemerick.friend/identity > :authentications current-auth :id])] > > (debug "upserting session: " key-written " -> " user-id) > > (try > > (session/upsert-session user-id key-written nil nil :logged-in) > > (catch Throwable t > > (error t "record login failed"))))) > > key-written)) > > (delete-session [_ session-key] > > (debug "logging out: " session-key) > > (try > > (session/logout-session session-key) > > (catch Throwable t > > (error t "record logout failed"))) > > (rss/delete-session store session-key))) > > > -- > -- > You received this message because you are subscribed to the Google > Groups "Clojure" group. > To post to this group, send email to clojure@googlegroups.com > Note that posts from new members are moderated - please be patient with your > first post. > To unsubscribe from this group, send email to > clojure+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/clojure?hl=en > --- > You received this message because you are subscribed to the Google Groups > "Clojure" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to clojure+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > > -- -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to clojure+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.