| author | Scott Ostler <sostler@deathmachine.local> | 2010-02-14 22:36:08 -0500 |
|---|---|---|
| committer | Scott Ostler <sostler@deathmachine.local> | 2010-02-14 22:36:08 -0500 |
| commit | 2de12cf972cf194b33155ed5b613590289eadfdc (patch) | |
| tree | 362ed430a812986cc9c7d20684123112cfcb5296 | |
| parent | ba3c257310f5587216caff706bc78f8cd6383562 (diff) | |
Refactored cookie_login
| -rwxr-xr-x | src/cookie_login.clj | 78 |
1 files changed, 39 insertions, 39 deletions
diff --git a/src/cookie_login.clj b/src/cookie_login.clj index 6ac1f6c..ce41c66 100755 --- a/src/cookie_login.clj +++ b/src/cookie_login.clj @@ -1,23 +1,28 @@ (ns cookie-login (:use compojure)) -(defn clear-login-token [token-key] +(def *login-token-key* :login-token) +(def *login-token-expiry* (* 1000 60 60 24 7)) ; one week + +(defn clear-login-token "Creates an expiration cookie for a given cookie name." + [token-key] (set-cookie token-key "dummy" :expires "Thu, 01-Jan-1970 00:00:01 GMT")) + (defn handle-request-with-login-token "Validates login token, handles request, and updates cookies and session - repository. If token is invalid or an exception is raised while reading it, - the token cookie is expired." - [handler request expiry token-key token-maker token-reader] - (if-let [session-info (token-reader (get-in request [:cookies token-key]))] + repository. If the token is invalid, the token cookie is expired." + [handler request token-maker token-reader login-token-key login-token-expiry] + (if-let [session-info (token-reader (get-in request + [:cookies login-token-key]))] (let [response (handler (merge-with merge request {:session session-info})) ; Session variable priority: ; 1) variables set by handler - ; 2) session variables from token-reader + ; 2) variables from token-reader ; 3) variables from repository session-map (merge (request :session) session-info 
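Review bot: The new `login-token-expiry` parameter of `handle-request-with-login-token` is not used anywhere in the lines shown: the second hunk changes the call to `(token-maker session-info)`, so the expiry no longer reaches the code that issues the token. As written, how long a login token stays valid depends entirely on what the caller's token-maker and token-reader do, while the `with-cookie-login` docstring still describes `*login-token-expiry*` as the token's validity period. Either pass it through again, `(token-maker session-info login-token-expiry)`, or drop the parameter and say in the docstring that token-maker must embed an expiry and token-reader must reject tokens past it. The function body continues past the end of this hunk, so a use outside the visible lines cannot be ruled out.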
@@ -25,50 +30,45 @@ (merge-with merge response {:session session-map} - (token-maker session-info expiry))) + (token-maker session-info))) (merge (handler request) - (clear-login-token token-key)))) - -; Default expiration is a week. -(def *default-login-token-expiry* (* 1000 60 60 24 7)) -(def *default-login-token-key* :login-token) + (clear-login-token login-token-key)))) (defn with-cookie-login "Middleware to support automatic cookie login. Must be placed after - the with-session middleware! + the with-session middleware. - Accepts five configuration options: - - token-key: - The cookie name to store the login-token under. - Defaults to 'login-token'. - - expiry: - The number of milliseconds a login token is valid for. - Defaults to one week. - - is-logged-in?: - Function to apply to request's session map to determine whether to - process login token or not. If a truthy value is returned, - then the next handler is called. + Must be given three arguments: + - process-login-token? + Function to apply to request map to determine whether to + process login token or not. If a false value is returned, + then the next handler is called without further processing. - token-maker: - Function to generate new login token from session map and - milliseconds until login token expiry. + Function to generate new login token from session map. - token-reader: Function to generate session map from login token. Should return nil if login token is invalid. -" - [handler options] - (let [token-key (or (options :default-token-key) *default-login-token-key*) - expiry (or (options :expiry) *default-login-token-expiry*) - is-logged-in? (options :is-logged-in?) - token-maker (options :token-maker) - token-reader (options :token-reader)] + + The following variables can be rebound: + - *login-token-key* + The cookie name to store the login-token under. + Defaults to 'login-token'. + + - *login-token-expiry* + The number of milliseconds a login token is valid for. + Defaults to one week. 
+" + [handler process-login-token? token-maker token-reader] + (let [login-token-key *login-token-key* + login-token-expiry *login-token-expiry*] (fn [request] - (if (or (is-logged-in? (request :session)) - (not (get-in request [:cookies token-key]))) - (handler request) + (if (and (get-in request [:cookies login-token-key]) + (process-login-token? request)) (handle-request-with-login-token handler request - expiry - token-key token-maker - token-reader)))))
\ No newline at end of file + token-reader + login-token-key + login-token-expiry) + (handler request))))) |
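Review bot: `*login-token-key*` and `*login-token-expiry*` are read in the `let` outside `(fn [request] ...)`, so their values are fixed when `with-cookie-login` is called; a `binding` established later around request handling has no effect, which the docstring's "can be rebound" does not make clear. I would add to the docstring `Rebinding must wrap the call to with-cookie-login itself; the values are captured once when the middleware is built.` Separately, `process-login-token?` has the opposite polarity to the removed `is-logged-in?` and receives the request map rather than the session, so it is worth stating in the docstring that it should return false for an already authenticated session; otherwise token-reader runs on the client-supplied cookie for every request that carries one.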
