[racket] Help needed in writing Macro to transform (lambda (req) ....) to be used in web-server/servlet using auth cookies

From: J G Cho (gcho at fundingmatters.com)
Date: Sat Jun 25 12:55:14 EDT 2011

Seems like an elegant approach but....  "dispatcher outside the
servlet" goes over my head like an UFO over a crop duster.

I guess I will have to dig deeper into how the server is put together.

On Sat, Jun 25, 2011 at 1:23 AM, Jay McCarthy <jay.mccarthy at gmail.com> wrote:
> I find it more convenient to setup a dispatcher outside the servlet
> that checks for the authenticator, that way once it has passed that
> part of the dispatch chain, security can be relied upon. Something
> like...
>
> (serve/launch/wait
>  (sequence:make
>  (lift:make (lambda (req) (if (or (unsecured-url? req)
> (authenticated? req)) (next-dispatcher) (display-error/login-page))))
>  (dispatch/servlet ...)))
>
> Then the servlet code can basically ignore the authenticator.
>
> Jay
>
> 2011/6/24 J G Cho <gcho at fundingmatters.com>:
>> Hello again,
>>
>> I am guessing my problem calls for macro (which is "beyond my pay
>> scale") and I am hoping this is the right place.
>>
>> Anyway, after reading this
>> http://docs.racket-lang.org/web-server/faq.html#(part._.What_special_considerations_are_there_for_security_with_the_.Web_.Server_)
>>
>> I am led to believe that I will be writing lots of code like this:
>>
>> (define (some-sensitive-content req)
>>
>>   (if (user-is-legit req) ;check auth cookie
>>      (...what have you ...)
>>      (do-login-and-then-maybe-handle req)))
>>
>> So here is my first attemp at macro which sorta works:
>>
>> (define-syntax (guarded-handler stx)
>>  (syntax-case stx ()
>>    [(_ name body)
>>     #'(begin (define (name req)
>>                (if (user-is-legit req)
>>                    body
>>                    (ask-login req))))]))
>>
>> (guarded-handler gated-content
>>                 (response/xexpr
>>                  `(html (head (title "Gated Content"))
>>                         (body (p "Shhhhhhh")
>>                               (p
>>                                (a ([href "/logout "])
>>                                   "Done"))))))
>>
>> What I would really like, however, is
>>
>> (guard (lambda (req) ...)) to transformed to:
>>
>> (lambda (req)
>>   (if (user-is-legit req)
>>      (...what have you ...)
>>      (do-login-and-then-maybe-handle  req)))
>>
>> such that I can use it like:
>>
>> (define (count-dot-com i)
>>  (count-dot-com
>>  (send/suspend/dispatch
>>   (λ (embed/url)
>>     (response/xexpr
>>      `(html
>>        (head (title "Count!"))
>>        (body (h2 (a ([href ,(embed/url
>>                              (guard (λ (req)
>>                                (sub1 i))))])
>>                     "-"))
>> ...
>>
>> (define (count-dot-com i)
>>  (send/suspend/dispatch
>>   (λ (embed/url)
>>     (response/xexpr
>>      `(html
>>        (head (title "Count!"))
>>        (body (h2 (a ([href ,(embed/url
>>
>>                              (guard (λ (req)
>>                                (count-dot-com (sub1 i))))])
>>                     "-")
>> ...
>>
>> in addition to the first case like this:
>>
>> (define gated-content
>>  (guard (lambda (req) ...))
>>
>> Seems simple enough but my naive macros (not shown here to protect my
>> fragile ego) are failing.
>> Any help/suggestion is greatly appreciated.
>>
>> jGc
>>
>> _________________________________________________
>>  For list-related administrative tasks:
>>  http://lists.racket-lang.org/listinfo/users
>
>
>
> --
> Jay McCarthy <jay at cs.byu.edu>
> Assistant Professor / Brigham Young University
> http://faculty.cs.byu.edu/~jay
>
> "The glory of God is Intelligence" - D&C 93
>



Posted on the users mailing list.