Why that fancy, complicated and unessesary machinery ? I do authentication much simpler with hunchentoot dispatch. Remember, dispatch can pass request further, if it returns nil. (setq *dispatch-table* (nconc (mapcar (lambda (x) (create-folder-dispatcher-and-handler (conc "/" x) (conc *app-path* "www/" x))) '("js/" "css/" "images/" "swf/")) (prefix-dispatchers '(("/app" login-swf) ("/login.json" login-json))) (list #'check-if-logged-in) (list 'dispatch-easy-handlers #'default-dispatcher))) So first you list open resources that do not need authentication. Then goes your function that checks authentication: (check-if-logged-in), and then all other pages that require authentication. -----Original Message----- From: tbnl-devel-bounces@common-lisp.net [mailto:tbnl-devel-bounces@common-lisp.net] On Behalf Of Mac Chan Sent: Thursday, July 19, 2007 11:34 PM To: General interest list for Hunchentoot and CL-WEBDAV Subject: Re: [hunchentoot-devel] Middleware with Hunchentoot
(defmacro with-authentication (&body body) `(progn (require-authorization) ,@body))
Ah, I forget to reread my email before I click send. It should be something like this: (defun do-authorization () (multiple-value-bind (user password) (authorization) (unless (and (equal user "nanook") (equal password "igloo")) (require-authorization)))) (defmacro with-authentication (&body body) `(progn (do-authorization) ,@body))
(define-easy-handler (my-url-handler :uri "/my-url") () (require-authorization) (with-html (:h1 "hi"))
Similarly the above is wrong. (define-easy-handler (my-url-handler :uri "/my-url") () (do-authorization) (with-html (:h1 "hi")) BTW none of the code are tested, but you get the idea ... Regards, -- Mac _______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel