I have a compojure app that uses the ring session wrapper to store the OAuth token associated with the current user. I would like for this token to remain available when the server restarts, so that I don't have to go through the auth process each time.
I assumed that using the cookie-store instead of the default memory-store would help, but it does not. What am I missing?
This is the relevant part of the code:
(defn auth-callback-handler
[session {code :code}]
(let [token (retrieve-token code)]
(-> (redirect "/") (assoc :session (assoc session :token token)))))
(defroutes app-routes
(GET "/" {session :session} (root-handler session))
(GET "/auth-callback" {session :session params :params} (auth-callback-handler session params))
(route/not-found "Not Found"))
(def app
(-> (handler/site app-routes)
(wrap-session {:store (cookie-store {:key "a 16-byte secret"})})))
The function root-handler
uses the token to decide if someone is logged in or not, but does not return anything in the way of session info.
The issue is that you have 2 wrap-session middlewares in your app, as the handler/site comes with one. This is causing the encrypt/decrypt to be run twice. To configure the compojure session handle use:
(def app
(site app-routes {:session {:store (cookie-store {:key "a 16-byte secret"})}}))
Also, perhaps you would be interested on some of these projects, which implement the ring SessionStore protocol:
https://github.com/sritchie/couch-session
https://github.com/wuzhe/clj-redis-session
https://github.com/rmarianski/servlet-session-store
To make the last one persistent you will need to check the documentation of your servlet container of choice.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With