I discuss the available backends available in the buddy-auth library and how they are implemented. I will then show, for circumstances where the provided back-ends don't meet our needs how we can implement our own.
In this piece I will cover briefly how the Pedestal web-server operates, particularly the interceptor model and error handling; how to integrate a Pedestal web application with the buddy-auth library; and I will demonstrate with code how to secure access to Pedestal endpoints using the buddy-auth library.
I will demonstrate how to compile and package a completely operational, but minimal, application comprising a secure Clojure Pedestal API server and a ClojureScript (reagent/reframe) front-end React application; and finally deploy that application to a docker container running as a Docker swarm service with its configuration provided by Docker's secrets functionality.
A longer discussion of my publicly available GitHub repository containing a secured Pedestal API server and ClojureScript/React SPA that can use Google login to authenticate a user. I show how to set up HTTPS, integrate with Google and secure API endpoints in the context of a simple React application.
Introduction
Setting up Pedestal (using Jetty) with HTTPS isn’t that difficult, but it is a bit “fiddly”. Essentially, you’ll need a keystore so that Jetty has access to encryption keys and can encrypt pages sent over HTTPS.