Re: WebApp authentication and authorization - up-to-date information?

Thank you, Aleksandar, for putting in this effort. Now I know what I shall do with my weekend :). On Thursday, March 26, 2020 at 4:40:40 PM UTC+1, Aleksandar Simic wrote: > > > On Mon, Mar 23, 2020 at 8:59 PM z9znz > > wrote: > >> I very eagerly look forward to this, and thank you in advance. >

Re: WebApp authentication and authorization - up-to-date information?

On Mon, Mar 23, 2020 at 8:59 PM z9znz wrote: > I very eagerly look forward to this, and thank you in advance. > Here it is, it's very much rough & ready: https://github.com/dotemacs/clojure-webapp It does have authentication, but not authorisation. So if you feel some things are missing, conf

Re: WebApp authentication and authorization - up-to-date information?

Thanks very much for posting this and making the effort to document so well! On Wednesday, March 25, 2020 at 2:04:56 AM UTC+1, Gary Johnson wrote: > > Hi folks, > > While it's not directly to your point, here is a pretty complete (IMHO) > repository that I put together for getting you going with

Re: WebApp authentication and authorization - up-to-date information?

Hi folks, While it's not directly to your point, here is a pretty complete (IMHO) repository that I put together for getting you going with a new Clojure+Clojurescript website: https://gitlab.com/lambdatronic/clojure-webapp-template Just clone it and check out the README.md file for a desc

Re: WebApp authentication and authorization - up-to-date information?

I very eagerly look forward to this, and thank you in advance. On Monday, March 23, 2020 at 1:46:10 PM UTC+1, Aleksandar Simic wrote: > > Hello > > very interesting points raised and I think that they should be addressed. > > On Sun, Mar 22, 2020 at 2:02 PM iamDecim > > wrote: > >> I think this c

Re: WebApp authentication and authorization - up-to-date information?

Hello very interesting points raised and I think that they should be addressed. On Sun, Mar 22, 2020 at 2:02 PM iamDecim wrote: > I think this could be easily solved if some of the experienced users show > more code. I'm 100% sure a few of them could grab > http-kit/pedestal/immutant and give

Re: WebApp authentication and authorization - up-to-date information?

Authentication is a serious business. Posting code examples for beginners to follow is likely to either be too complex to be a good example or too simple to be a good authentication process. Also, I think a lot of "the experienced users" are building real-world apps that are proprietary in nature,

Re: WebApp authentication and authorization - up-to-date information?

Dmitri Sotnikov's book "Web development with Clojure" includes an example. Do not be put out by books or primers dated a few years back. HTTP, Servlets, and Clojure have been quite stable. Likewise the basic facts of authentication and authorization, right? On Saturday, March 21, 2020 at

Re: WebApp authentication and authorization - up-to-date information?

I think this could be easily solved if some of the experienced users show more code. I'm 100% sure a few of them could grab http-kit/pedestal/immutant and give an example of basic authentication and even making a simple post and throwing it up on github then advertising it via Twitter or reddi

Re: WebApp authentication and authorization - up-to-date information?

Yes, there is definitely a learning curve with Clojure and its ecosystem that makes it hard to just "dip in" every few years. It is not optimized for beginners and I don't think it ever will be (although the beginner experience is much better now than it used to be). It is not designed for "off-the

Re: WebApp authentication and authorization - up-to-date information?

> Every year or two I go looking for something like this, or at least a guide or tutorial. And every time, I encounter at least one of the following: > - A key element of the guide is outdated or depends on a library which is outdated (and where in some cases there is a reference made that everyo

Re: WebApp authentication and authorization - up-to-date information?

This may sound like a rant, but it's not meant to be. This is just my recurring frustration whenever I am led by my strong desire to use Clojure, but my typical use case is a basic business web app with authentication. Such use case may not at all be the best use of Clojure, but it should be

Re: WebApp authentication and authorization - up-to-date information?

Regarding the security part I find that delegating authentication and authorization to a specialized component is a good approach. You can use Keycloak for that matter and I published some times ago some details about its integration in the Clojure world : https://git

Re: WebApp authentication and authorization - up-to-date information?

> some form of database interface (definitely need not be ORM; just a demonstrated pattern) I'm curious as to what you feel is missing beyond clojure.java.jdbc / next.jdbc? SQL is the lingua franca for relational databases and those libraries provide the interface between Clojure data -- hash maps

Re: WebApp authentication and authorization - up-to-date information?

This is what primarily keeps me from ever building a first (web) app with Clojure. Even the Web Development with Clojure, 3rd edition that I bought (beta) still does not have the section on this topic filled in. I'm convinced that part of what prevents Clojure from being adopted more is the

WebApp authentication and authorization - up-to-date information?

I have difficulties finding up-to-date information, tutorials, articles, blog posts etc. concerning WebApp authentication and authorization. The most "recent" useful articles I found are from 2015 and 2014: https://rundis.github.io/blog/2015/buddy_auth_part2.html https://blog.knoldus.com/g