I'm trying to code a login page, where:
the user will fill a form with post method
if the form has a target url starting with "/auth-", the user will be redirected to the "/login" page
the user will fill username and password, etc
if authorization is granted, all information will be, say, inserted to the database
if username or password is false, all information will be retained for a second chance
The intention is not much different than as described here, if my aim is not clear yet.
This around method inspired by this question allows me to redirect any link starting with "auth-" to redirect to a login page, along with the get parameters:
(defmethod hunchentoot:acceptor-dispatch-request :around
((acceptor hunchentoot:easy-acceptor) request)
(let* ((address-bar (cl-ppcre:split "\\?" (hunchentoot:request-uri* request)))
(just-url (first address-bar))
(query-params (second address-bar)))
(if (cl-ppcre:scan "^/auth-" just-url)
(hunchentoot:redirect (if query-params
(format nil "/login?~A" query-params)
"/login"))
(call-next-method))))
But how can I redirect with post parameters instead?
I thought sth along the lines:
(defmethod hunchentoot:acceptor-dispatch-request :around
((acceptor hunchentoot:easy-acceptor) request)
(let* ((just-url (car (cl-ppcre:split "\\?" (hunchentoot:request-uri* request)))))
(if (cl-ppcre:scan "^/auth-" just-url)
(hunchentoot:redirect "/login")
(call-next-method))))
(hunchentoot:define-easy-handler (login :uri "/login") ()
(with-html-output (*standard-output* nil :prologue t)
(:html
(:body
(dolist (post (hunchentoot:post-parameters*))
(format t "<div>~A ~A</div>" (car post) (cadr post)))))))
would work, but /login page fails to show anything. I guess the problem is that one cannot redirect with post data, as suggested by the link above.
My previous attempt was to create a function, which saved the url ( with get parameters) in a hidden input, letting the user sign in, and then redirecting to the saved url. This looked very similar to the 2nd suggestion of this answer, and works for me. It's just that I can't DRY it.
I wonder if this can be done more simply using an around method and simply adding a "auth-" in front of any link.
Two more points:
I guess I may dump the whole form to the session instead of post'ing them like this answer suggests, but I don't want to keep track of cookies. What if the user decides to give up and all the values remain in the session?
I prefer never to rely on http status code 307 like here.
Lastly, I don't want to try frameworks like restas or caveman, because I want to learn lisp and fit in. I'm sure this problem had been solved many times by many people. In the past I built some stuff with rails. I was like a script kiddie until I learned enough ruby to see things the way they are.
EDIT
Instead of (hunchentoot:redirect "/login"), I also tried (drakma:http-request "http://127.0.0.1:4242/login" :method :post :parameters (hunchentoot:post-parameters* request)), which failed with "ERROR MESSAGE 200". By the way, I don't know if trying to use drakma for this problem is an overkill or not.
Thank you for reading till the end.
