RSS Feed

Lisp Project of the Day


You can support this project by donating at:

Donate using PatreonDonate using Liberapay


Tests 😀
CI 😀

This Lack middleware is also undocumented, but it is short enough to understand from sources how to configure it.

When configuring this middleware, you should pass it a function which accepts username and password and returns a t if the password is correct. Also, this function may return a user object as a second value. Returned user or original username from the HTTP header will be added to the environment plist as :remote-user.

Here is an example:

POFTHEDAY> (defparameter *app*
             (lambda (env)
               (list 200 '(:content-type "text/plain")
                     (list (format nil
                                   "Hello ~A!"
                                   (getf env :remote-user))))))

POFTHEDAY> (defun auth (user pass)
             (when (and (string= user "bob")
                        (string= pass "$ecret"))
               (values t
                       "Bob The Admin")))

POFTHEDAY> (clack:clackup
             (:auth-basic :authenticator #'auth)
            :port 8080)
Hunchentoot server is started.
Listening on

POFTHEDAY> (handler-case (dex:get "http://localhost:8080/foo/bar")
             (error (condition)
               (values (dex:response-status condition)
                       (dex:response-body condition))))
401 (9 bits, #x191)
"Authorization required"

POFTHEDAY> (dex:get "http://localhost:8080/foo/bar"
                    :basic-auth '("bob" . "$ecret"))
"Hello Bob The Admin!"

That is it. Very simple, isn't it?

But please, don't hardcode passwords in the sources as I did :)

Brought to you by 40Ants under Creative Commons License