Example that showcase the use of session interceptors using Xiana.
Observe what happens when the backend application is restarting. Check if already logged-in user is still logged in, or it's lost his/her session data?
docker-compose up -dstarts the database for persisting sessions. See docker-compose.yml and init.sql how the the database and
the sessions table is setting up.
lein runThere are 4 endpoints provided:
- localhost:3000/
if you don't have valid session it returns
{:status 200, :body "Index page"}with valid session it returns
{:status 200, :body "Index page, for Piotr"}
- localhost:3000/secret
if you don't have valid session it returns
{:status 401, :body "Invalid or missing session"}with valid session it returns
{:status 200, :body "Hello Piotr"}
- localhost:3000/login
request should look like:
{:method :post :body {:email "[email protected]" :password "topsecret"}}returns:
{:status 200 :body {:session-id {{session-id}} :user {"first-name" "Piotr" "id" 1 "email" "[email protected]" "last-name" "Developer"}}}Without the request body, or with wrong HTTP method it returns:
{:status 401 :body "Missing credentials"}
- localhost:3000/logout
if you have valid session it returns
{:status 200 :body "Piotr logged out"}and it clears the session you had.
You can provide the session-id from login response in the request's headers
{:headers {:session-id {{session-id}}}}
lein test