(ns mailhead.middleware (:require [mailhead.layout :refer [*app-context* error-page]] [taoensso.timbre :as timbre] [environ.core :refer [env]] [ring.middleware.flash :refer [wrap-flash]] [immutant.web.middleware :refer [wrap-session]] [ring.middleware.webjars :refer [wrap-webjars]] [ring.middleware.defaults :refer [site-defaults wrap-defaults]] [ring.middleware.anti-forgery :refer [wrap-anti-forgery]] [ring.middleware.format :refer [wrap-restful-format]] [mailhead.config :refer [defaults]]) (:import [javax.servlet ServletContext])) (defn wrap-context [handler] (fn [request] (binding [*app-context* (if-let [context (:servlet-context request)] ;; If we're not inside a servlet environment ;; (for example when using mock requests), then ;; .getContextPath might not exist (try (.getContextPath ^ServletContext context) (catch IllegalArgumentException _ context)) ;; if the context is not specified in the request ;; we check if one has been specified in the environment ;; instead (:app-context env))] (handler request)))) (defn wrap-internal-error [handler] (fn [req] (try (handler req) (catch Throwable t (timbre/error t) (error-page {:status 500 :title "Something very bad has happened!" :message "We've dispatched a team of highly trained gnomes to take care of the problem."}))))) (defn wrap-csrf [handler] (wrap-anti-forgery handler {:error-response (error-page {:status 403 :title "Invalid anti-forgery token"})})) (defn wrap-formats [handler] (wrap-restful-format handler {:formats [:json-kw :transit-json :transit-msgpack]})) (defn wrap-base [handler] (-> ((:middleware defaults) handler) wrap-formats wrap-webjars wrap-flash (wrap-session {:cookie-attrs {:http-only true}}) (wrap-defaults (-> site-defaults (assoc-in [:security :anti-forgery] false) (dissoc :session))) wrap-context wrap-internal-error))