[hunchentoot-devel] A simple way to handle logins?
Toby
tobia.conforto at linux.it
Thu Nov 23 10:50:10 UTC 2006
Vamsee Kanakala wrote:
> set the user object when the user logs in, and check for it at the
> beginning of a function
>
> However, most of my functions would require the login-check method to
> be run before they display the page.
Here's how I do it:
(declaim (special %current-user%))
(defmacro with-current-user (&body body)
`(let ((%current-user% (session-value current-user)))
(unless %current-user% (redirect "/login"))
, at body))
(defun my-protected-page-handler ()
(with-current-user
(with-html-output-to-string (*standard-output* nil :prologue t)
(:html
...
I use this pattern a lot: a session value, a related special variable,
and a macro that binds one to the other, taking action if the session
value is not set.
By the way, special variables bound by (let) forms are thread-specific,
at least on SBCL, so all is well.
You might also find this useful:
(defmacro with-session-values (declarations &body body)
"with-session-values ({session-value | (var session-value)}*) declaration* form*"
`(let ,(loop for decl in declarations
if (listp decl)
collect `(,(first decl) (session-value (quote ,(second decl))))
else
collect `(,decl (session-value (quote ,decl))))
, at body))
Toby
More information about the Tbnl-devel
mailing list