jtth 2020-04-21T16:28:07.032600Z

This is the repo Any help is much appreciated. Otherwise I’m gonna have to just build all this up from scratch without luminus and reitit blocking my understanding, and if I can’t get that to work I’m going back to rails and devise.

shayne.koestler 2020-04-21T16:55:58.032800Z

I recently just added the same thing to my luminus project, in your snippet I see there's a session variable, where is that coming from? For what its worth heres the snippet I have

(-> (response/ok {:username email})
           (assoc :session {:username email}))

jtth 2020-04-21T17:10:00.033Z

how does that deal with redirection then? this is what i’m not getting

shayne.koestler 2020-04-21T17:13:31.033200Z

I'm not actually going to redirect. Are you able to see if the session identity is properly set on requests after the redirect?

jtth 2020-04-21T17:14:18.033400Z

that is what this question is about

jtth 2020-04-21T17:14:34.033600Z

and how are you having someone log in without redirecting them after the POST to the login route

shayne.koestler 2020-04-21T17:15:49.033800Z

I'm doing a re-frame front end so I'm just setting some state on the front end when I get a 200

jtth 2020-04-21T17:15:58.034Z

Ok well that’s not very helpful

shayne.koestler 2020-04-21T17:16:02.034200Z


jtth 2020-04-21T17:16:04.034400Z

this isn’t an SPA

jtth 2020-04-21T17:25:37.034600Z

I figured it out. The session is fine, there’s just no way of accessing it within luminus’s layouts. Which… what is the point of the template if not to provide such things?.

shayne.koestler 2020-04-21T17:26:24.034800Z

If you go to layout.clj you can update render to pass it in

shayne.koestler 2020-04-21T17:26:27.035Z

I am actually doing that

shayne.koestler 2020-04-21T17:26:43.035200Z

(defn render
  "renders the HTML template located relative to resources/html"
  [request template & [params]]
        (assoc params
          :page       template
          :csrf-token *anti-forgery-token*
          :username   (get-in request [:session :identity]))))
    "text/html; charset=utf-8"))

jtth 2020-04-21T17:29:56.035400Z

Yeah, got that. Not sure why the session info isn’t just… there for each template to get… because… what is the point of the template if it can’t?

jtth 2020-04-21T17:32:10.035700Z

Like, is there a reason I shouldn’t just pass :session into each template?

shayne.koestler 2020-04-21T17:35:07.035900Z

Only reason I can think of is there might be secure info in there and if the whole object is passed to the template its easier to accidentally serialize it into the response. That's the only reason I could think of