62 lines
2.2 KiB
Clojure
62 lines
2.2 KiB
Clojure
|
(ns mailhead.middleware
|
||
|
(:require [mailhead.layout :refer [*app-context* error-page]]
|
||
|
[taoensso.timbre :as timbre]
|
||
|
[environ.core :refer [env]]
|
||
|
[ring.middleware.flash :refer [wrap-flash]]
|
||
|
[immutant.web.middleware :refer [wrap-session]]
|
||
|
[ring.middleware.webjars :refer [wrap-webjars]]
|
||
|
[ring.middleware.defaults :refer [site-defaults wrap-defaults]]
|
||
|
[ring.middleware.anti-forgery :refer [wrap-anti-forgery]]
|
||
|
[ring.middleware.format :refer [wrap-restful-format]]
|
||
|
[mailhead.config :refer [defaults]])
|
||
|
(:import [javax.servlet ServletContext]))
|
||
|
|
||
|
(defn wrap-context [handler]
|
||
|
(fn [request]
|
||
|
(binding [*app-context*
|
||
|
(if-let [context (:servlet-context request)]
|
||
|
;; If we're not inside a servlet environment
|
||
|
;; (for example when using mock requests), then
|
||
|
;; .getContextPath might not exist
|
||
|
(try (.getContextPath ^ServletContext context)
|
||
|
(catch IllegalArgumentException _ context))
|
||
|
;; if the context is not specified in the request
|
||
|
;; we check if one has been specified in the environment
|
||
|
;; instead
|
||
|
(:app-context env))]
|
||
|
(handler request))))
|
||
|
|
||
|
(defn wrap-internal-error [handler]
|
||
|
(fn [req]
|
||
|
(try
|
||
|
(handler req)
|
||
|
(catch Throwable t
|
||
|
(timbre/error t)
|
||
|
(error-page {:status 500
|
||
|
:title "Something very bad has happened!"
|
||
|
:message "We've dispatched a team of highly trained gnomes to take care of the problem."})))))
|
||
|
|
||
|
(defn wrap-csrf [handler]
|
||
|
(wrap-anti-forgery
|
||
|
handler
|
||
|
{:error-response
|
||
|
(error-page
|
||
|
{:status 403
|
||
|
:title "Invalid anti-forgery token"})}))
|
||
|
|
||
|
(defn wrap-formats [handler]
|
||
|
(wrap-restful-format handler {:formats [:json-kw :transit-json :transit-msgpack]}))
|
||
|
|
||
|
(defn wrap-base [handler]
|
||
|
(-> ((:middleware defaults) handler)
|
||
|
wrap-formats
|
||
|
wrap-webjars
|
||
|
wrap-flash
|
||
|
(wrap-session {:cookie-attrs {:http-only true}})
|
||
|
(wrap-defaults
|
||
|
(-> site-defaults
|
||
|
(assoc-in [:security :anti-forgery] false)
|
||
|
(dissoc :session)))
|
||
|
wrap-context
|
||
|
wrap-internal-error))
|