Why that fancy, complicated and unessesary machinery ?
I do authentication much simpler with hunchentoot dispatch. Remember, dispatch can pass request further, if it returns nil.
(setq *dispatch-table* (nconc (mapcar (lambda (x) (create-folder-dispatcher-and-handler (conc "/" x) (conc *app-path* "www/" x))) '("js/" "css/" "images/" "swf/"))
(prefix-dispatchers '(("/app" login-swf) ("/login.json" login-json)))
(list #'check-if-logged-in)
(list 'dispatch-easy-handlers #'default-dispatcher)))
So first you list open resources that do not need authentication. Then goes your function that checks authentication: (check-if-logged-in), and then all other pages that require authentication.
-----Original Message----- From: tbnl-devel-bounces@common-lisp.net [mailto:tbnl-devel-bounces@common-lisp.net] On Behalf Of Mac Chan Sent: Thursday, July 19, 2007 11:34 PM To: General interest list for Hunchentoot and CL-WEBDAV Subject: Re: [hunchentoot-devel] Middleware with Hunchentoot
(defmacro with-authentication (&body body) `(progn (require-authorization) ,@body))
Ah, I forget to reread my email before I click send.
It should be something like this:
(defun do-authorization () (multiple-value-bind (user password) (authorization) (unless (and (equal user "nanook") (equal password "igloo")) (require-authorization))))
(defmacro with-authentication (&body body) `(progn (do-authorization) ,@body))
(define-easy-handler (my-url-handler :uri "/my-url") () (require-authorization) (with-html (:h1 "hi"))
Similarly the above is wrong.
(define-easy-handler (my-url-handler :uri "/my-url") () (do-authorization) (with-html (:h1 "hi"))
BTW none of the code are tested, but you get the idea ...
Regards, -- Mac _______________________________________________ tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel