auth: Actually working JWT authentication

dev/test.http

@@ -8,8 +8,8 @@ POST http://localhost:3000/api/auth/login
 Content-Type: application/json
 
 {
-  "email": "bob@bobson.com",
-  "password": "test1234"
+  "email": "test9@example.com",
+  "password": "password9"
 }
 
 # Failing login
@@ -20,3 +20,8 @@ Content-Type: application/json
   "email": "[email protected]",
   "password": "4321tset"
 }
+
+# Get account info
+GET http://localhost:3000/api/account
+Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyLWlkIjoiY2M1YTVkMTYtYjgzYS00OTZkLTk5M2EtOTM2ZjQxOGUxZDNlIiwiZXhwIjoxNzI1NjE4NzIwfQ.NpBrduSxGICyTryLbuDQyOBK9VR4Wg-V23F_kRKrPMI
+Content-Type: application/json

src/apossiblespace/parts.clj

@@ -47,7 +47,8 @@
        ["/register"
         {:post {:handler account/register-account}}]]]]
     {:data {:middleware [[wrap-json-body {:keywords? true}]
-                         wrap-json-response]}})
+                         wrap-json-response
+                         auth/wrap-jwt-authentication]}})
    (ring/routes
     (swagger-ui/create-swagger-ui-handler
      {:path "/"

src/apossiblespace/parts/auth.clj

@@ -15,7 +15,17 @@
 (def secret
   (conf/jwt-secret (conf/config)))
 
-(def auth-backend (backends/jws {:secret secret}))
+(def auth-backend
+  (backends/jws
+   {:secret secret
+    :options {:alg :hs256}
+    :on-error (fn [_request ex]
+                (mulog/log ::auth-backend :error (.getMessage ex))
+                nil)
+    :token-name "Bearer"
+    :auth-fn (fn [claims]
+               (mulog/log ::auth-backend-auth-fn :claims claims)
+               claims)}))
 
 (defn create-token
   "Create a JWT token that will expire in 1 hour"
@@ -24,7 +34,7 @@
         exp (.plusSeconds now 3600)
         claims {:user-id user-id
                 :exp (.getEpochSecond exp)}]
-    (jwt/sign claims secret)))
+    (jwt/sign claims secret {:alg :hs256})))
 
 (defn hash-password
   [password]