[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Artanis] Using #:auth to Authenticate a User

From: Nala Ginrut
Subject: Re: [Artanis] Using #:auth to Authenticate a User
Date: Thu, 20 Sep 2018 01:32:57 +0800
User-agent: mu4e 1.1.0; emacs 25.1.1

I found there's bug in session module, now I've fixed it.
Could you update then try it again?

Jonathan Schmeling writes:

> On 09/16/2018 12:09 PM, Nala Ginrut wrote:
>> Jonathan Schmeling writes:
>>> Last, – mostly because I'm really interested – how does the
>>> user-inputted password get passed through the POST call? Does the form
>>> need to specify the right name? I used passwd mostly as a guess since I
>>> couldn't find it specified in the doc.s.
>> The POST is not mysterious, according to HTTP protocol, it's the same
>> with a common query-string, for example, name=nala&passwd=123
>> The name of passwd field should be the same you specified in #:auth, for
>> example, if you write this code in the form:
>> -----------------code----------------------
>> <input type="password" name="passwd">
>> -----------------end-----------------------
> I figured it worked the same as a query-string but, from the
> documentation, it wasn't clear that the name of the parameters were to
> match the list '(table user "user" "passwd"). Because the list starts
> with table, I figured that the values given would map to the names of
> the columns in the database but had no idea what I should set the
> parameter names passed to the POST call to.
> Setting the form to match the values I placed in the list, it worked!
> Submitting the form redirected to the /sign-in/success endpoint and, I
> assume, spawned a new session before doing so.
> However, resubmitting the form, after the first time, did not redirect
> to /sign-in/logged after checking for a session with (:session rc 'check).
> To test this more thoroughly, I added an endpoint with
> (get "/find" #:session #t (lambda (rc)
>   (if (:session rc 'check)
>   "YES"
>   "NO!")))
> and visited the endpoint after signing in and go the "NO!" result, every
> time. Looking at the documentation, I didn't think I was missing
> anything from my setup but I could always be mistaken.
> Jonathan

GNU Powered it
GPL Protected it
GOD Blessed it
HFG - NalaGinrut
Fingerprint F53B 4C56 95B5 E4D5 6093 4324 8469 6772 846A 0058

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]