6年前 · 7efece3d75
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,12 @@
 /target
 /classes
 /checkouts
 profiles.clj
 pom.xml
 pom.xml.asc
 *.jar
 *.class
 /.lein-*
 /.nrepl-port
 .hgignore
 .hg/
--- a/.rebel_readline_history
+++ b/.rebel_readline_history
@@ -0,0 +1 @@
 1579789561704::cljs/quit
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,24 @@
 # Change Log
 All notable changes to this project will be documented in this file. This change log follows the conventions of [keepachangelog.com](http://keepachangelog.com/).

 ## [Unreleased]
 ### Changed
 - Add a new arity to `make-widget-async` to provide a different widget shape.

 ## [0.1.1] - 2020-01-22
 ### Changed
 - Documentation on how to make the widgets.

 ### Removed
 - `make-widget-sync` - we're all async, all the time.

 ### Fixed
 - Fixed widget maker to keep working when daylight savings switches over.

 ## 0.1.0 - 2020-01-22
 ### Added
 - Files from the new template.
 - Widget maker public API - `make-widget-sync`.

 [Unreleased]: https://github.com/your-name/auth-cljs-example/compare/0.1.1...HEAD
 [0.1.1]: https://github.com/your-name/auth-cljs-example/compare/0.1.0...0.1.1
--- a/LICENSE
+++ b/LICENSE
@@ -0,0 +1,277 @@
 Eclipse Public License - v 2.0

    THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE
    PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION
    OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.

 1. DEFINITIONS

 "Contribution" means:

  a) in the case of the initial Contributor, the initial content
     Distributed under this Agreement, and

  b) in the case of each subsequent Contributor:
     i) changes to the Program, and
     ii) additions to the Program;
  where such changes and/or additions to the Program originate from
  and are Distributed by that particular Contributor. A Contribution
  "originates" from a Contributor if it was added to the Program by
  such Contributor itself or anyone acting on such Contributor's behalf.
  Contributions do not include changes or additions to the Program that
  are not Modified Works.

 "Contributor" means any person or entity that Distributes the Program.

 "Licensed Patents" mean patent claims licensable by a Contributor which
 are necessarily infringed by the use or sale of its Contribution alone
 or when combined with the Program.

 "Program" means the Contributions Distributed in accordance with this
 Agreement.

 "Recipient" means anyone who receives the Program under this Agreement
 or any Secondary License (as applicable), including Contributors.

 "Derivative Works" shall mean any work, whether in Source Code or other
 form, that is based on (or derived from) the Program and for which the
 editorial revisions, annotations, elaborations, or other modifications
 represent, as a whole, an original work of authorship.

 "Modified Works" shall mean any work in Source Code or other form that
 results from an addition to, deletion from, or modification of the
 contents of the Program, including, for purposes of clarity any new file
 in Source Code form that contains any contents of the Program. Modified
 Works shall not include works that contain only declarations,
 interfaces, types, classes, structures, or files of the Program solely
 in each case in order to link to, bind by name, or subclass the Program
 or Modified Works thereof.

 "Distribute" means the acts of a) distributing or b) making available
 in any manner that enables the transfer of a copy.

 "Source Code" means the form of a Program preferred for making
 modifications, including but not limited to software source code,
 documentation source, and configuration files.

 "Secondary License" means either the GNU General Public License,
 Version 2.0, or any later versions of that license, including any
 exceptions or additional permissions as identified by the initial
 Contributor.

 2. GRANT OF RIGHTS

  a) Subject to the terms of this Agreement, each Contributor hereby
  grants Recipient a non-exclusive, worldwide, royalty-free copyright
  license to reproduce, prepare Derivative Works of, publicly display,
  publicly perform, Distribute and sublicense the Contribution of such
  Contributor, if any, and such Derivative Works.

  b) Subject to the terms of this Agreement, each Contributor hereby
  grants Recipient a non-exclusive, worldwide, royalty-free patent
  license under Licensed Patents to make, use, sell, offer to sell,
  import and otherwise transfer the Contribution of such Contributor,
  if any, in Source Code or other form. This patent license shall
  apply to the combination of the Contribution and the Program if, at
  the time the Contribution is added by the Contributor, such addition
  of the Contribution causes such combination to be covered by the
  Licensed Patents. The patent license shall not apply to any other
  combinations which include the Contribution. No hardware per se is
  licensed hereunder.

  c) Recipient understands that although each Contributor grants the
  licenses to its Contributions set forth herein, no assurances are
  provided by any Contributor that the Program does not infringe the
  patent or other intellectual property rights of any other entity.
  Each Contributor disclaims any liability to Recipient for claims
  brought by any other entity based on infringement of intellectual
  property rights or otherwise. As a condition to exercising the
  rights and licenses granted hereunder, each Recipient hereby
  assumes sole responsibility to secure any other intellectual
  property rights needed, if any. For example, if a third party
  patent license is required to allow Recipient to Distribute the
  Program, it is Recipient's responsibility to acquire that license
  before distributing the Program.

  d) Each Contributor represents that to its knowledge it has
  sufficient copyright rights in its Contribution, if any, to grant
  the copyright license set forth in this Agreement.

  e) Notwithstanding the terms of any Secondary License, no
  Contributor makes additional grants to any Recipient (other than
  those set forth in this Agreement) as a result of such Recipient's
  receipt of the Program under the terms of a Secondary License
  (if permitted under the terms of Section 3).

 3. REQUIREMENTS

 3.1 If a Contributor Distributes the Program in any form, then:

  a) the Program must also be made available as Source Code, in
  accordance with section 3.2, and the Contributor must accompany
  the Program with a statement that the Source Code for the Program
  is available under this Agreement, and informs Recipients how to
  obtain it in a reasonable manner on or through a medium customarily
  used for software exchange; and

  b) the Contributor may Distribute the Program under a license
  different than this Agreement, provided that such license:
     i) effectively disclaims on behalf of all other Contributors all
     warranties and conditions, express and implied, including
     warranties or conditions of title and non-infringement, and
     implied warranties or conditions of merchantability and fitness
     for a particular purpose;

     ii) effectively excludes on behalf of all other Contributors all
     liability for damages, including direct, indirect, special,
     incidental and consequential damages, such as lost profits;

     iii) does not attempt to limit or alter the recipients' rights
     in the Source Code under section 3.2; and

     iv) requires any subsequent distribution of the Program by any
     party to be under a license that satisfies the requirements
     of this section 3.

 3.2 When the Program is Distributed as Source Code:

  a) it must be made available under this Agreement, or if the
  Program (i) is combined with other material in a separate file or
  files made available under a Secondary License, and (ii) the initial
  Contributor attached to the Source Code the notice described in
  Exhibit A of this Agreement, then the Program may be made available
  under the terms of such Secondary Licenses, and

  b) a copy of this Agreement must be included with each copy of
  the Program.

 3.3 Contributors may not remove or alter any copyright, patent,
 trademark, attribution notices, disclaimers of warranty, or limitations
 of liability ("notices") contained within the Program from any copy of
 the Program which they Distribute, provided that Contributors may add
 their own appropriate notices.

 4. COMMERCIAL DISTRIBUTION

 Commercial distributors of software may accept certain responsibilities
 with respect to end users, business partners and the like. While this
 license is intended to facilitate the commercial use of the Program,
 the Contributor who includes the Program in a commercial product
 offering should do so in a manner which does not create potential
 liability for other Contributors. Therefore, if a Contributor includes
 the Program in a commercial product offering, such Contributor
 ("Commercial Contributor") hereby agrees to defend and indemnify every
 other Contributor ("Indemnified Contributor") against any losses,
 damages and costs (collectively "Losses") arising from claims, lawsuits
 and other legal actions brought by a third party against the Indemnified
 Contributor to the extent caused by the acts or omissions of such
 Commercial Contributor in connection with its distribution of the Program
 in a commercial product offering. The obligations in this section do not
 apply to any claims or Losses relating to any actual or alleged
 intellectual property infringement. In order to qualify, an Indemnified
 Contributor must: a) promptly notify the Commercial Contributor in
 writing of such claim, and b) allow the Commercial Contributor to control,
 and cooperate with the Commercial Contributor in, the defense and any
 related settlement negotiations. The Indemnified Contributor may
 participate in any such claim at its own expense.

 For example, a Contributor might include the Program in a commercial
 product offering, Product X. That Contributor is then a Commercial
 Contributor. If that Commercial Contributor then makes performance
 claims, or offers warranties related to Product X, those performance
 claims and warranties are such Commercial Contributor's responsibility
 alone. Under this section, the Commercial Contributor would have to
 defend claims against the other Contributors related to those performance
 claims and warranties, and if a court requires any other Contributor to
 pay any damages as a result, the Commercial Contributor must pay
 those damages.

 5. NO WARRANTY

 EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT
 PERMITTED BY APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN "AS IS"
 BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR
 IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF
 TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR
 PURPOSE. Each Recipient is solely responsible for determining the
 appropriateness of using and distributing the Program and assumes all
 risks associated with its exercise of rights under this Agreement,
 including but not limited to the risks and costs of program errors,
 compliance with applicable laws, damage to or loss of data, programs
 or equipment, and unavailability or interruption of operations.

 6. DISCLAIMER OF LIABILITY

 EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT
 PERMITTED BY APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS
 SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST
 PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE
 EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGES.

 7. GENERAL

 If any provision of this Agreement is invalid or unenforceable under
 applicable law, it shall not affect the validity or enforceability of
 the remainder of the terms of this Agreement, and without further
 action by the parties hereto, such provision shall be reformed to the
 minimum extent necessary to make such provision valid and enforceable.

 If Recipient institutes patent litigation against any entity
 (including a cross-claim or counterclaim in a lawsuit) alleging that the
 Program itself (excluding combinations of the Program with other software
 or hardware) infringes such Recipient's patent(s), then such Recipient's
 rights granted under Section 2(b) shall terminate as of the date such
 litigation is filed.

 All Recipient's rights under this Agreement shall terminate if it
 fails to comply with any of the material terms or conditions of this
 Agreement and does not cure such failure in a reasonable period of
 time after becoming aware of such noncompliance. If all Recipient's
 rights under this Agreement terminate, Recipient agrees to cease use
 and distribution of the Program as soon as reasonably practicable.
 However, Recipient's obligations under this Agreement and any licenses
 granted by Recipient relating to the Program shall continue and survive.

 Everyone is permitted to copy and distribute copies of this Agreement,
 but in order to avoid inconsistency the Agreement is copyrighted and
 may only be modified in the following manner. The Agreement Steward
 reserves the right to publish new versions (including revisions) of
 this Agreement from time to time. No one other than the Agreement
 Steward has the right to modify this Agreement. The Eclipse Foundation
 is the initial Agreement Steward. The Eclipse Foundation may assign the
 responsibility to serve as the Agreement Steward to a suitable separate
 entity. Each new version of the Agreement will be given a distinguishing
 version number. The Program (including Contributions) may always be
 Distributed subject to the version of the Agreement under which it was
 received. In addition, after a new version of the Agreement is published,
 Contributor may elect to Distribute the Program (including its
 Contributions) under the new version.

 Except as expressly stated in Sections 2(a) and 2(b) above, Recipient
 receives no rights or licenses to the intellectual property of any
 Contributor under this Agreement, whether expressly, by implication,
 estoppel or otherwise. All rights in the Program not expressly granted
 under this Agreement are reserved. Nothing in this Agreement is intended
 to be enforceable by any entity that is not a Contributor or Recipient.
 No third-party beneficiary rights are created under this Agreement.

 Exhibit A - Form of Secondary Licenses Notice

 "This Source Code may also be made available under the following 
 Secondary Licenses when the conditions for such availability set forth 
 in the Eclipse Public License, v. 2.0 are satisfied: {name license(s),
 version(s), and exceptions or additional permissions here}."

  Simply including a copy of this Agreement, including this Exhibit A
  is not sufficient to license the Source Code under Secondary Licenses.

  If it is not possible or desirable to put the notice in a particular
  file, then You may include the notice in a location (such as a LICENSE
  file in a relevant directory) where a recipient would be likely to
  look for such a notice.

  You may add additional accurate notices of copyright ownership.
--- a/README.md
+++ b/README.md
@@ -0,0 +1,22 @@
 # auth-cljs-example

 A Clojure library designed to ... well, that part is up to you.

 ## Usage

 FIXME

 ## License

 Copyright © 2020 FIXME

 This program and the accompanying materials are made available under the
 terms of the Eclipse Public License 2.0 which is available at
 http://www.eclipse.org/legal/epl-2.0.

 This Source Code may also be made available under the following Secondary
 Licenses when the conditions for such availability set forth in the Eclipse
 Public License, v. 2.0 are satisfied: GNU General Public License as published by
 the Free Software Foundation, either version 2 of the License, or (at your
 option) any later version, with the GNU Classpath Exception which is available
 at https://www.gnu.org/software/classpath/license.html.
--- a/doc/cors
+++ b/doc/cors
@@ -0,0 +1,239 @@
 * Cross-Origin Resource Sharing (CORS)
 *Cross-Origin Resource Sharing (CORS)* is a mechanism that uses additional HTTP headers to tell a browser to let a web application running at one origin 
 (domain) have permission to access selected resources from a server at a different origin. A web application makes a cross-origin HTTP 
 request when it requests a resource that has a different origin (domain, protocol, and port) than its own origin.

 If you ever worked with an AJAX call, you are probably familiar with the following error displayed in browser console:

 ~Failed to load https://example.com/: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘https://anfo.pl' is therefore not allowed access.
 If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.~

 If you see this message it means the response failed yet you are still able to see the returned data if you go to the Network tab — what’s the idea here?

 The behavior you are observing is the effect of browsers CORS implementation.

 Before CORS became standarized there was no way to call an API endpoint under different domain for security reasons. This was (and to some degree still is) blocked by the Same-Origin Policy.

 CORS is a mechanism which aims to allow requests made on behalf of you and at the same time block some requests made by rogue JS and is triggered whenever you are making an HTTP request to:

 * A different domain (eg. site at example.com calls api.com)
 * A different sub domain (eg. site at example.com calls api.example.com)
 * A different port (eg. site at example.com calls example.com:3001)
 * A different protocol (eg. site at https://example.com calls http://example.com)

 This mechanism prevents attackers that plant scripts on various websites (eg. in ads displayed via Google Ads) to make an AJAX call to www.yourbank.com and 
 in case you were logged in making a transaction using *your* credentials.

 If the server does not respond with specific headers to a 
 “simple” GET or POST request — it will still be send, the data still received but the browser will not allow JavaScript to access the response.

 If your browser tries to make a “non simple” request (eg. an request that includes cookies, or which Content-type is other than application/x-ww-form-urlencoded, 
 multipart/form-data or text-plain) an mechanism called preflight will be used and an OPTIONS request will be sent to the server.

 A common example of “non simple” request is to add cookies or custom headers — it your browser sends such a request and the server does not respond properly, 
 only the preflight call will be made (without the extra headers) but the actual HTTP request the brower meant to make will not be sent.

 ** Access-Control-Allow-What?
 CORS uses a few HTTP headers — both in request and response — but the ones you must understand in order to be able to continue working are:

 *** Access-Control-Allow-Origin
 This header is meant to be returned by the server, and indicate what client-domains are allowed to access its resources. The value can be:
 * * — allow any domain
 * A fully qualified domain name (eg. https://example.com)

 ~If you require the client to pass authentication headers (e.g. cookies) the value can not be * — it must be a fully qualified domain!~

 *** Access-Control-Allow-Credentials
 This header is only required to be present in the response if your server supports authentication via cookies. The only valid value for this case is ~true~.

 *** Access-Control-Allow-Headers
 Provides a comma separated list of request header values the server is willing to support. If you use custom headers (eg. ~x-authentication-token~ you need to return it in this ACA header response to ~OPTIONS~ call, otherwise the request will be blocked.

 *** Access-Control-Expose-Headers
 Similarly, this response should contain a list of headers that will be present in the actual response to the call and should be made available to the client. All other headers will be restricted.

 *** Access-Control-Allow-Methods
 A comma separated list of HTTP request type verbs (eg. ~GET, POST~) which the server is willing to support.

 *** Origin
 This header is part of the request that the client is making, and will contain the domain from which the application is started. For security reasons browsers will not allow you to overwrite this value.

 * Sign-up & Sign-in
 For Sign-in and Sign-up feature we will be using [[https://github.com/JulianBirch/cljs-ajax][CLJS-AJAX]] for ~Auth-cljs-example~ project. But before that we need to create a ~:builds~ for our cljs file in project.clj.

 1)Create routes for sign-in and sign-up respectively in *core.clj*
 #+BEGIN_SRC
 (GET "/login" [] (resp/resource-response "login.html" {:root "public"}))
 (GET "/signup" [] (resp/resource-response "signup.html" {:root "public"}))
 #+END_SRC

 2)Add ~:dependencies~ and ~:builds~ in project.clj 

 *:dependencies*
 #+BEGIN_SRC
 :dependencies [........
                [ring/ring-json "0.5.0"]
                [cljs-ajax "0.8.0"]
                .......]
 #+END_SRC
 *:builds*
 For Sign-in:
 #+BEGIN_SRC
 :login {:source-paths ["src/cljs"]
                           :figwheel true
                           :compiler
                           {:main auth-cljs-example.login
                            :asset-path "cljs-out/login"
                            :output-to "target/public/cljs-out/login-main.js"
                            :output-dir "target/public/cljs-out/login"
                            :source-map-timestamp true}}
 #+END_SRC

 For Sign-up:
 #+BEGIN_SRC
 :signup {:source-paths ["src/cljs"]
                           :figwheel true
                           :compiler
                           {:main auth-cljs-example.signup
                            :asset-path "cljs-out/signup"
                            :output-to "target/public/cljs-out/signup-main.js"
                            :output-dir "target/public/cljs-out/signup"
                            :source-map-timestamp true}}
 #+END_SRC
 3)Create a ~builds.cljs.edn~ file in your project

 For ~Sign-in~ create a file ~login.cljs.edn~ and add these codes
 #+BEGIN_SRC
 ^{:open-url "http://localhost:[[server-port]]/login.html"}
 {:main auth-cljs-example.login}
 #+END_SRC

 For ~Sign-up~ create a file ~signup.cljs.edn~ and add these codes
 #+BEGIN_SRC
 ^{:open-url "http://localhost:[[server-port]]/signup.html"}
 {:main auth-cljs-example.signup}
 #+END_SRC

 4)Create ~login.html~ and ~signup.html~ file in ~resource/public~ folder respectively

 *login.html*
 #+ATTR_HTML: :textarea t :width 40
 #+BEGIN_EXAMPLE
 <!DOCTYPE html>
 <html>
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link rel="stylesheet" href="css/login.css"/>
    </head>
    <body>
        <div id="app"></div>
        <script src="/cljs-out/login-main.js" type="text/javascript"></script>
    </body>
 </html>
 #+END_EXAMPLE
 *signup.html*
 #+ATTR_HTML: :textarea t :width 40
 #+BEGIN_EXAMPLE
 <!DOCTYPE html>
 <html>
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link rel="stylesheet" href="css/signup.css"/>
    </head>
    <body>
        <div id="app"></div>
        <script src="/cljs-out/signup-main.js" type="text/javascript"></script>
    </body>
 </html>
 #+END_EXAMPLE

 5)Create a ~login.cljs~ file in ~src/cljs~ folder, create a form for ~username~ and ~password~ and add these codes for accessing the data from server side database ~(Stamp project)~
 #+BEGIN_SRC
 (ns auth-cljs-example.login
  (:require [ajax.core :refer [GET POST]]))

 (defn handler [response]
  (.log js/console (str response)))

 (defn error-handler [{:keys [status status-text]}]
  (.log js/console (str "something bad happened: " status " " status-text)))
  
  (POST "http://localhost:4000/create-auth-token"
    {:params {:username @username
              :password @password}
     :handler handler
     :error-handler error-handler
     :format :json
     :keywords? true})
 #+END_SRC
 This url ~http://localhost:4000/create-auth-token~ is from ~Stamp~ project. Now after doing all the above steps for sign-in 
 and submitting the login form after entering the username and password, it will create the ~auth-token~ for the registered user and store in the H2 database, you can also check in console also fro the ~auth-token~.

 Create a ~signup.cljs~ file in ~src/cljs~ folder, create a form for ~username~ and ~password~ and add these codes for storing the data in the server side database ~(Stamp project)~
 #+BEGIN_SRC
 (ns auth-cljs-example.signup
  (:require [ajax.core :refer [GET POST]]))

 (defn handler [response]
  (.log js/console (str "User added successfully" response)))

 (defn error-handler [{:keys [status status-text]}]
  (.log js/console (str "User already exist " status " " status-text)))
  
  (POST "http://localhost:4000/sign-up"
    {:params {:username @username
              :password @password}
     :handler handler
     :error-handler error-handler
     :format :json
     :keywords? true})
 #+END_SRC
 This url ~http://localhost:4000/sign-up~ is from ~Stamp~ project. Now after doing all the above steps for sign-up
 and submitting the signup form after entering the username and password, it will register the user and store it in the 
 H2 database, you can also check in console as it will display the message for newly register user as ~User added successfully~
 and for already registered user ~User already exist~

 All these are done on the *Client Side~ i.e *Auth-cljs-example* project.On the *Server Side* also we need to add few codes to avoid *CORS ERROR* 

 * Server Side (Stamp project)
 1)Add ~:dependency~ in project.clj ~[ring-cors "0.1.13"]~

 2)In core.clj add these codes
 #+BEGIN_SRC
 (ns xtnt-auth.core
  (:require ......
            [ring.middleware.cors           :refer [wrap-cors]]
            .......))
   
   (defroutes app-routes
        ..........
        (POST "/sign-up" [] handlers/sign-up)
        ........)
        
 (def handler
  (wrap-cors app-routes
             :access-control-allow-origin [#".*"]
             :access-control-allow-methods [:get :put :post :delete]
             :access-control-allow-headers ["accept"
                                            "origin"
                                            "accept-encoding"
                                            "accept-language"
                                            "content-type"
                                            "authorization"]
             :access-control-allow-credentials ["true"]))
             
 #+END_SRC


 *** Refernces:-
 [[https://github.com/JulianBirch/cljs-ajax][CLJS-AJAX]]

 [[https://www.w3.org/TR/cors/][W3C CORS]]

 [[https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS][MDN WEB DOCS FOR CORS]]

 [[https://www.codecademy.com/articles/what-is-cors][CODEACADEMY CORS]]
--- a/doc/intro.md
+++ b/doc/intro.md
@@ -0,0 +1,3 @@
 # Introduction to auth-cljs-example

 TODO: write [great documentation](http://jacobian.org/writing/what-to-write/)
--- a/figwheel-main.edn
+++ b/figwheel-main.edn
@@ -0,0 +1,2 @@
 {:watch-dirs ["src/cljs"]
 :css-dirs ["resources/public/css"]}
--- a/login.cljs.edn
+++ b/login.cljs.edn
@@ -0,0 +1,2 @@
 ^{:open-url "http://localhost:[[server-port]]/login.html"}
 {:main auth-cljs-example.login}
--- a/project.clj
+++ b/project.clj
@@ -0,0 +1,55 @@
 (defproject auth-cljs-example "0.1.0-SNAPSHOT"
  :description "FIXME: write description"
  :url "http://example.com/FIXME"
  :license {:name "EPL-2.0 OR GPL-2.0-or-later WITH Classpath-exception-2.0"
            :url "https://www.eclipse.org/legal/epl-2.0/"}

  :dependencies [[org.clojure/clojure "1.9.0"]
                 [ring/ring-jetty-adapter "1.8.0"]
                 [compojure "1.6.1"]
                 [org.clojure/clojurescript "1.10.520"]
                 [http-kit "2.3.0"]
                 [reagent "0.9.1"]
                 [hiccups "0.3.0"]
                 [ring/ring-json "0.5.0"]
                 [cljs-ajax "0.8.0"]]

  :main auth-cljs-example.core
  :source-paths ["src/clj" "src/cljs"]
  :resource-paths ["target" "resources"]

  :aliases {"fig" ["trampoline" "run" "-m" "figwheel.main"]
            "build-dev" ["trampoline" "run" "-m" "figwheel.main" "-b" "dev" "-r"]}

  :profiles
    {:dev
      {:dependencies [[binaryage/devtools "0.9.10"]
                      [cider/piggieback "0.4.2"]
                      [com.bhauman/figwheel-main "0.2.3"]
                      [com.bhauman/rebel-readline-cljs "0.1.4"]
                      [figwheel-sidecar "0.5.19"]]

       :main auth-cljs-example.core
       :cljsbuild
       {:builds {:login {:source-paths ["src/cljs"]
                        :figwheel true
                        :compiler
                        {:main auth-cljs-example.login
                         :asset-path "cljs-out/login"
                         :output-to "target/public/cljs-out/login-main.js"
                         :output-dir "target/public/cljs-out/login"
                         :source-map-timestamp true}}
                 :signup {:source-paths ["src/cljs"]
                         :figwheel true
                         :compiler
                         {:main auth-cljs-example.signup
                          :asset-path "cljs-out/login"
                          :output-to "target/public/cljs-out/login-main.js"
                          :output-dir "target/public/cljs-out/login"
                          :source-map-timestamp true}}}}

       :repl-options {:nrepl-middleware [cider.piggieback/wrap-cljs-repl]}
       ;; need to add the compliled assets to the :clean-targets
       :clean-targets ^{:protect false} ["target/public/cljs-out"
                                         :target-path]}})

--- a/resources/.DS_Store
+++ b/resources/.DS_Store
--- a/resources/public/css/login.css
+++ b/resources/public/css/login.css
@@ -0,0 +1,8 @@
 h1 {text-align: center}

 .loginBox {
    width: 300px;
    border: 1px solid black;
    padding: 30px;
    margin-top: 10%;
    margin-left: 35%;}
--- a/resources/public/css/signup.css
+++ b/resources/public/css/signup.css
@@ -0,0 +1,8 @@
 h1 {text-align: center}

 .signUpBox {
    width: 300px;
    border: 1px solid black;
    padding: 30px;
    margin-top: 10%;
    margin-left: 35%;}
--- a/resources/public/login.html
+++ b/resources/public/login.html
@@ -0,0 +1,13 @@
 <!DOCTYPE html>
 <html>
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link rel="stylesheet" href="css/login.css"/>
    </head>
    <body>
        <div id="app"></div>
        <script src="/cljs-out/login-main.js" type="text/javascript"></script>
    </body>
 </html>
--- a/resources/public/signup.html
+++ b/resources/public/signup.html
@@ -0,0 +1,13 @@
 <!DOCTYPE html>
 <html>
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link rel="stylesheet" href="css/signup.css"/>
    </head>
    <body>
        <div id="app"></div>
        <script src="/cljs-out/signup-main.js" type="text/javascript"></script>
    </body>
 </html>
--- a/signup.cljs.edn
+++ b/signup.cljs.edn
@@ -0,0 +1,2 @@
 ^{:open-url "http://localhost:[[server-port]]/signup.html"}
 {:main auth-cljs-example.signup}
--- a/src/.DS_Store
+++ b/src/.DS_Store
--- a/src/clj/.DS_Store
+++ b/src/clj/.DS_Store
--- a/src/clj/auth_cljs_example/core.clj
+++ b/src/clj/auth_cljs_example/core.clj
@@ -0,0 +1,21 @@
 (ns auth-cljs-example.core
  (:require [compojure.core         :refer [defroutes GET]]
            [compojure.route        :refer [not-found resources]]
            [hiccup.core            :refer :all]
            [hiccup.page            :refer :all]
            [ring.adapter.jetty     :as jetty]
            [ring.util.response :as resp]
            [ring.middleware.reload :refer [wrap-reload]]))

 (defn foo [request]
  (html5 [:h1 "Welcome to the Auth-Cljs-Example"]))

 (defroutes app
  (GET "/" [] foo)
  (GET "/login" [] (resp/resource-response "login.html" {:root "public"}))
  ;;(GET "/signup" [] (resp/resource-response "signup.html" {:root "public"}))
  (resources "/")
  (not-found "<h1>Page not found</h1>"))

 (defn -main []
  (jetty/run-jetty  (wrap-reload #'app) {:port 8000}))
--- a/src/cljs/.DS_Store
+++ b/src/cljs/.DS_Store
--- a/src/cljs/auth_cljs_example/.DS_Store
+++ b/src/cljs/auth_cljs_example/.DS_Store
--- a/src/cljs/auth_cljs_example/core.cljs
+++ b/src/cljs/auth_cljs_example/core.cljs
@@ -0,0 +1,3 @@
 (ns auth-cljs-example.core)

 (.log js/console "this is core.cljs file")
--- a/src/cljs/auth_cljs_example/login.cljs
+++ b/src/cljs/auth_cljs_example/login.cljs
@@ -0,0 +1,44 @@
 (ns auth-cljs-example.login
   (:require [reagent.core :as r]
            [ajax.core :refer [GET POST]]))

 (defn atom-username [value]
  [:input {:type "text"
           :value @value
           :on-change #(reset! value (-> % .-target .-value))}])

 (defn atom-password [value]
  [:input {:type "password"
           :value @value
           :on-change #(reset! value (-> % .-target .-value))}])

 (defn handler [response]
  (.log js/console (str response)))

 (defn error-handler [{:keys [status status-text]}]
  (.log js/console (str "something bad happened: " status " " status-text)))

 (defn shared-state []
  (let [username (r/atom "")
        password (r/atom "")]
    (fn []
      [:div
       [:h1 "Welcome to Sign in-Page"]
       [:div.loginBox
        [:p "Enter Username: " [atom-username username]]
        [:p "Enter Password: " [atom-password password]]
        [:button {:type "submit" :on-click (
                                           fn []
                                            (POST "http://localhost:4000/create-auth-token"
                                                {:params {:username @username
                                                          :password @password}
                                                 :handler handler
                                                 :error-handler error-handler
                                                 :format :json
                                                 :keywords? true}))} "Login"]]])))

 (defn app-container []
  (shared-state))

 (r/render-component [app-container]
                          (. js/document (getElementById "app")))
--- a/src/cljs/auth_cljs_example/signup.cljs
+++ b/src/cljs/auth_cljs_example/signup.cljs
@@ -0,0 +1,44 @@
 (ns auth-cljs-example.signup
   (:require [reagent.core :as r]
            [ajax.core :refer [GET POST]]))

 (defn atom-username [value]
  [:input {:type "text"
           :value @value
           :on-change #(reset! value (-> % .-target .-value))}])

 (defn atom-password [value]
  [:input {:type "password"
           :value @value
           :on-change #(reset! value (-> % .-target .-value))}])

 (defn handler [response]
  (.log js/console (str "User added successfully" response)))

 (defn error-handler [{:keys [status status-text]}]
  (.log js/console (str "User already exist " status " " status-text)))

 (defn shared-state []
  (let [username (r/atom "")
        password (r/atom "")]
    (fn []
      [:div
       [:h1 "Welcome to Sign Up-Page"]
       [:div.signUpBox
        [:p "Enter Username: " [atom-username username]]
        [:p "Enter Password: " [atom-password password]]
        [:button {:type "submit" :on-click (
                                           fn []
                                            (POST "http://localhost:4000/sign-up"
                                                {:params {:username @username
                                                          :password @password}
                                                 :handler handler
                                                 :error-handler error-handler
                                                 :format :json
                                                 :keywords? true}))} "Sign Up"]]])))

 (defn app-container []
  (shared-state))

 (r/render-component [app-container]
                          (. js/document (getElementById "app")))
--- a/test/auth_cljs_example/core_test.clj
+++ b/test/auth_cljs_example/core_test.clj
@@ -0,0 +1,7 @@
 (ns auth-cljs-example.core-test
  (:require [clojure.test :refer :all]
            [auth-cljs-example.core :refer :all]))

 (deftest a-test
  (testing "FIXME, I fail."
    (is (= 0 1))))