feat(grfn/bbbg): Require auth for a bunch of stuff

Only authenticated users should be allowed to create events, etc. Change-Id: I1f560365dbf583cf6cecf4a0798952f323bbd42e Reviewed-on: https://cl.tvl.fyi/c/depot/+/4412 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-19 00:04:15 -05:00 · 2021-12-19 00:04:15 -05:00 · 23397763a7
commit 23397763a7
parent 732d1b733a
4 changed files with 29 additions and 14 deletions
--- a/users/grfn/bbbg/src/bbbg/handlers/core.clj
+++ b/users/grfn/bbbg/src/bbbg/handlers/core.clj
@ -35,6 +35,11 @@
 (defn authenticated? [request]
  (some? (get-in request [:session ::user/id])))

+(defn wrap-auth-required [handler]
+  (fn [req]
+    (when (authenticated? req)
+      (handler req))))
+
 (comment
  (render-page
   [:h1 "hi"])
--- a/users/grfn/bbbg/src/bbbg/handlers/events.clj
+++ b/users/grfn/bbbg/src/bbbg/handlers/events.clj
@ -3,15 +3,19 @@
   [bbbg.db :as db]
   [bbbg.db.event :as db.event]
   [bbbg.event :as event]
-   [bbbg.handlers.core :refer [page-response]]
+   [bbbg.handlers.core :refer [page-response authenticated? wrap-auth-required]]
   [compojure.core :refer [context GET POST]]
   [ring.util.response :refer [redirect]]
   [bbbg.views.flash :as flash]))

-(defn events-index [events]
-  [:ul.events-list
-   (for [event events]
-     [:li (::event/date event)])])
+(defn events-index [{:keys [events authenticated?]}]
+  [:div
+   (when authenticated?
+     [:a {:href "/events/new"}
+      "Create New Event"])
+   [:ul.events-list
+    (for [event events]
+      [:li (::event/date event)])]])

 (defn event-form
  ([] (event-form {}))
@ -29,9 +33,11 @@

 (defn events-routes [{:keys [db]}]
  (context "/events" []
-    (GET "/" []
+    (GET "/" request
      (let [events (db/list db :event)]
-        (events-index events)))
+        (page-response
+         (events-index {:events events
+                        :authenticated? (authenticated? request)}))))

    (GET "/new" [date]
      (page-response
--- a/users/grfn/bbbg/src/bbbg/handlers/home.clj
+++ b/users/grfn/bbbg/src/bbbg/handlers/home.clj
@ -12,6 +12,8 @@
 (defn- home-page [{:keys [authenticated?]}]
  [:nav.home-nav
   [:ul
+    [:li [:a {:href "/events"}
+          "Events"]]
    [:li [:a {:href "/signup-forms"}
          "Event Signup Form"]]
    (if authenticated?
--- a/users/grfn/bbbg/src/bbbg/handlers/signup_form.clj
+++ b/users/grfn/bbbg/src/bbbg/handlers/signup_form.clj
@ -3,18 +3,19 @@
   [bbbg.db :as db]
   [bbbg.db.event :as db.event]
   [bbbg.event :as event]
-   [bbbg.handlers.core :refer [page-response]]
+   [bbbg.handlers.core :refer [page-response authenticated?]]
   [compojure.core :refer [GET context]]
   [java-time :refer [local-date]]
   [ring.util.response :refer [redirect]]))

-(defn no-events-page []
+(defn no-events-page [{:keys [authenticated?]}]
  [:div.no-events
   [:p
    "There are no events for today"]
-   [:p
-    [:a {:href (str "/events/new?date=" (str (local-date)))} "Create Event"]
-    [:a {:href "/events"} "All Events"]]])
+   (when authenticated?
+     [:p
+      [:a {:href (str "/events/new?date=" (str (local-date)))} "Create Event"]
+      [:a {:href "/events"} "All Events"]])])

 (defn signup-page [event]
  [:div.signup-page
@ -46,10 +47,11 @@

 (defn signup-form-routes [{:keys [db]}]
  (context "/signup-forms" []
-   (GET "/" []
+   (GET "/" request
     (if-let [event (db/fetch db (db.event/today))]
       (redirect (str "/signup-forms/" (::event/id event)))
-       (page-response (no-events-page))))
+       (page-response (no-events-page
+                       {:authenticated? (authenticated? request)}))))

   (GET "/:event-id" [event-id]
     (if-let [event (db/get db :event event-id)]