Vamsee Kanakala wrote:
set the user object when the user logs in, and check for it at the beginning of a function
However, most of my functions would require the login-check method to be run before they display the page.
Here's how I do it:
(declaim (special %current-user%))
(defmacro with-current-user (&body body) `(let ((%current-user% (session-value current-user))) (unless %current-user% (redirect "/login")) ,@body))
(defun my-protected-page-handler () (with-current-user (with-html-output-to-string (*standard-output* nil :prologue t) (:html ...
I use this pattern a lot: a session value, a related special variable, and a macro that binds one to the other, taking action if the session value is not set.
By the way, special variables bound by (let) forms are thread-specific, at least on SBCL, so all is well.
You might also find this useful:
(defmacro with-session-values (declarations &body body) "with-session-values ({session-value | (var session-value)}*) declaration* form*" `(let ,(loop for decl in declarations if (listp decl) collect `(,(first decl) (session-value (quote ,(second decl)))) else collect `(,decl (session-value (quote ,decl)))) ,@body))
Toby