diff --git a/src/mtgcoll/middleware.clj b/src/mtgcoll/middleware.clj
index 647e502..b70f6a0 100644
--- a/src/mtgcoll/middleware.clj
+++ b/src/mtgcoll/middleware.clj
@@ -1,5 +1,6 @@
 (ns mtgcoll.middleware
 (:require
+ [clojure.tools.logging :as log]
 [webtools.response :as response]
 [mtgcoll.auth :as auth]))
 
@@ -10,4 +11,15 @@
 (get-in request [:session :user]))
 (handler request)
 (-> (response/content "unauthorized")
- (response/status 401)))))
\ No newline at end of file
+ (response/status 401)))))
+
+(defn wrap-api-exceptions
+ [handler]
+ (fn [request]
+ (try
+ (handler request)
+ (catch Exception ex
+ (log/error ex "Unhandled exception.")
+ (-> (response/json {:status "error"
+ :message (.getMessage ex)})
+ (response/status 500))))))
diff --git a/src/mtgcoll/routes/auth.clj b/src/mtgcoll/routes/auth.clj
index 7749214..203bc62 100644
--- a/src/mtgcoll/routes/auth.clj
+++ b/src/mtgcoll/routes/auth.clj
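Review bot: `wrap-api-exceptions` puts `(.getMessage ex)` into the 500 body, so whatever text an unhandled exception carries (which may include database, driver or file-path details) is returned to the client. The later hunks apply this wrapper to the auth, collection and list routes, and on `/login` the caller is not yet authenticated. The exception is already recorded by `(log/error ex "Unhandled exception.")`, so the response can carry a fixed string instead: `:message "internal server error"`. A constant also avoids the case where `.getMessage` returns nil.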
@@ -3,30 +3,37 @@
 [clojure.tools.logging :as log]
 [compojure.core :refer [routes GET POST]]
 [webtools.response :as response]
+ [webtools.routes.core :refer [wrap-middleware]]
 [webtools.session :as session]
+ [mtgcoll.middleware :refer [wrap-api-exceptions wrap-authenticated]]
 [mtgcoll.auth :as auth]))
 
 (def auth-routes
- (routes
- (POST "/login" [username password :as request]
- (if-let [user (auth/validate-credentials username password)]
- (do
- (log/info username " logged in.")
- (-> (response/json user)
- (session/set-from-request request)
- (session/assoc :user user)))
- (do
- (log/warn "Unsuccessful login attempt by: " username)
- (-> (response/content "bad username/password")
- (response/status 401)))))
+ (wrap-middleware
+ (routes
+ (POST "/login" [username password :as request]
+ (if-let [user (auth/validate-credentials username password)]
+ (do
+ (log/info username " logged in.")
+ (-> (response/json user)
+ (session/set-from-request request)
+ (session/assoc :user user)))
+ (do
+ (log/warn "Unsuccessful login attempt by: " username)
+ (-> (response/json {:status "unauthorized"
+ :message "bad username/password"})
+ (response/status 401)))))
 
- (POST "/logout" request
- (if-let [user (get-in request [:session :user])]
- (do
- (log/info (:username user) " logged out.")
- (-> (response/content "ok")
- (session/set-from-request request)
- (session/dissoc :user)))
- (do
- (-> (response/content "not logged in")
- (response/status 400)))))))
+ (POST "/logout" request
+ (if-let [user (get-in request [:session :user])]
+ (do
+ (log/info (:username user) " logged out.")
+ (-> (response/content "ok")
+ (session/set-from-request request)
+ (session/dissoc :user)))
+ (do
+ (-> (response/json {:status "error"
+ :message "not logged in"})
+ (response/status 400))))))
+
+ (wrap-api-exceptions)))
diff --git a/src/mtgcoll/routes/collection.clj b/src/mtgcoll/routes/collection.clj
index 5054ba7..f607b37 100644
--- a/src/mtgcoll/routes/collection.clj
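Review bot: The failure branch of `/login` writes the request's `username` parameter into the log unescaped with `(log/warn "Unsuccessful login attempt by: " username)`, so a submitted value containing line breaks could forge extra log entries, depending on how the appender formats messages. Printing the value with `pr-str` keeps it quoted and on one line: `(log/warn "Unsuccessful login attempt by:" (pr-str username))`. The same applies to `(log/info username " logged in.")`, though that value has passed `auth/validate-credentials`. Separately, `wrap-authenticated` is added to the `:refer` list here but is not used in the visible lines.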
+++ b/src/mtgcoll/routes/collection.clj
@@ -3,7 +3,7 @@
 [compojure.core :refer [routes GET POST]]
 [webtools.response :as response]
 [webtools.routes.core :refer [wrap-middleware]]
- [mtgcoll.middleware :refer [wrap-authenticated]]
+ [mtgcoll.middleware :refer [wrap-api-exceptions wrap-authenticated]]
 [mtgcoll.models.collection :as collection]))
 
 (def collection-routes
@@ -23,4 +23,6 @@
 (let [username (get-in request [:session :user :username])
 result (collection/copy-list! source-list-id destination-list-id username)]
 (response/json {:status "ok"}))))
+
+ (wrap-api-exceptions)
 (wrap-authenticated)))
diff --git a/src/mtgcoll/routes/lists.clj b/src/mtgcoll/routes/lists.clj
index 60d9a39..5b0e2ed 100644
--- a/src/mtgcoll/routes/lists.clj
+++ b/src/mtgcoll/routes/lists.clj
@@ -3,7 +3,7 @@
 [compojure.core :refer [routes GET POST]]
 [webtools.response :as response]
 [webtools.routes.core :refer [wrap-middleware]]
- [mtgcoll.middleware :refer [wrap-authenticated]]
+ [mtgcoll.middleware :refer [wrap-api-exceptions wrap-authenticated]]
 [mtgcoll.models.lists :as lists]))
 
 (def list-routes
@@ -31,4 +31,5 @@
 (lists/update-list-visibility! list-id public?)
 (response/json {:status "ok"})))
 
+ (wrap-api-exceptions)
 (wrap-authenticated)))
\ No newline at end of file
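Review bot: The order of `(wrap-api-exceptions)` and `(wrap-authenticated)` at the end of `collection-routes` (and the same pair in `list-routes`) decides whether the session check or the exception handler runs first, and nothing in either file records which is intended. `wrap-middleware` is defined outside this diff; if it threads like `->`, `wrap-authenticated` ends up outermost, so unauthenticated requests get the 401 before any handler or the exception wrapper runs, while anything thrown inside `wrap-authenticated` itself is not turned into the JSON 500. A comment above the pair would pin this down, e.g. `;; wrap-authenticated stays last: the session check must run before handlers and the exception wrapper`. Both route definitions start outside their hunks, so the rest of each middleware chain is not visible here.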