Friend authentication empty param

https://stackoverflow.com/questions/21189236

29-09-2022
|

Question

I am trying to implement friend authentication on my web app but when i try to login i get this */login?&login_failed=Y&username=*...my param is empty and i cant login,what am i doing wrong?

these are my routes...

(defroutes routes

(GET "/" [] (index))
(GET "/indexMessage" [] (indexMessage))
(GET "/login" req (index))

(POST "/insert-user" {params :params}
   (let [firstname (get params "firstname")
         lastname (get params "lastname")
         email (get params "email")
         password (get params "password")
         sex (get params "sex")
         year (get params "year")
         month (get params "month")
         day (get params "day")]
     (def date (str year"-"month"-"day))
     (insert-user firstname lastname email password sex date)))

(route/resources "/public")
(route/not-found "Page not found")
)

i used all the middleware needed...

(def page (handler/site
        (friend/authenticate
          routes
          {:allow-anon? true
           :login-uri "/login"
           :default-landing-uri "/"
           :unauthorized-handler #(-> (html5 [:h2 "You do not have sufficient privileges to access " (:uri %)])
                                    resp/response
                                    (resp/status 401))
           :credential-fn #(creds/bcrypt-credential-fn @users %)
           :workflows [(workflows/interactive-form)]})
           (wrap-keyword-params routes)
           (wrap-nested-params routes)
           (wrap-params routes)
           (wrap-session routes)


        ))

and this is how i start up my jetty server...

(defn -main []
(run-jetty page {:port 8080 :join? false}))

users is a map like this...

 {"username" {:username "username" :password "password"}}

is :roles a must in the map?maybe it's because of that?

Solution

I am pretty new to Friend as well but from the Friend source code I can say that the parameters name of your POST request matters. I guess you are following this example, if not, it's the best hint you can get actually. Notice the name of the form fields

https://github.com/cemerick/friend-demo/blob/master/src/clj/cemerick/friend_demo/interactive_form.clj#L22-l24

All credential functions take a single argument, a map containing the available credentials, so as there is no explicit POST "/login" route, the Friend midleware is catching and using them as credentials for your credential-fn as shown here https://github.com/cemerick/friend/blob/master/src/cemerick/friend/workflows.clj#L76-78

So "username" and "password" should be the names of the parameters POSTed to the :login-uri

For newcomers that example is runnable here http://friend-demo.herokuapp.com/interactive-form/

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow