If certain page requires authencation first, then how to check it properly?
In GNU Artanis, the session-id is the only token to check if the client has already been authenticated. By default, the session-id is named as SID in cookies. You may use #:with-auth to do all the works automatically for you.
(get "/dashboard"
#:with-auth <options>
(lambda (rc)
(view-render "dashboard" (the-environment))))
For example, assuming you have a page /dashboard requires login, then you may set #:with-auth with certain option. We will explain this option later. Each time user visit /dashboard page, GNU Artanis will check if there’s valid session-id from client’s cookies, if yes, then run the handler to generate the response; if no, then jump to the related auth failed handler, depends on the option you specified.
Here’s available options:
#t means the default failure activity: redirect to /login page.
#:with-auth "/admin/login".
'status will return a 401 page with status code 401, which could be checked by cilent.
#:with-auth (lambda () (scm->json-string '((status . 401) (reason . "No auth")))). This is useful to customize your protocol in JSON for RESTful API.
NOTE: Different from other shortcuts, there’s no :with-auth apply for user customized operations inside the handler. If you use #:with-auth, then all related works are handled by GNU Artanis.