In my new project I want to use webmachine and mochiweb. First thing i want to do is authentication.
I edit "dispatch.conf" and make some resources, like:
{["auth"], my_res_auth, []}.
{["protected"], my_res_protected, []}.
{['*'], my_res_default, []}.
When some one access "protected" resource i want to redirect him to "auth" resource if he not logged in. "auth" resource contains web form with user name and password, it do all auth work.
I put such code inside of my_res_protected.erl:
is_authorized(ReqData, State) ->
case my_auth:is_authorized(ReqData) of
true -> {true, ReqData, State};
false ->
% here should be something to redirect user to "auth" resource
% currently i put such thing, which is incorrect:
{true, wrq:do_redirect(true, wrq:set_resp_header("location", "/auth", ReqData)), State}
% dont know what should i put instead of "true"
end.
i googled some example of how to do it, but dont like that i should have to put this functions in all resources, which requires auth.
Is there any way to do it?
In the case where you're not authorized and
do_redirect
is false, why not just return{ false, ReqData, State }
like webmachine expects foris_authorized()
, instead of constructing the response yourself?