I am trying to set up a full stack Clojure and ClojureScript web app. I am using Reagent and Ring but am running into a 403 error when I try post data using promesa.
On the ClojureScript side I have the following page where it attempts to post data and wait for the response.
(defn trigger-page []
(let [do-the-thing (fn []
(promesa/let [_response (js/fetch "api/trigger/" (clj->js {:headers {:Content-Type "application/json"}
:method "POST"
:body (js/JSON.stringify #js {:args "TEST"})}))
response (.json _response)
data (js->clj response :keywordize-keys true)]
(js/console.log response)
data))]
(fn []
[:span.main
(js/console.log "test")
[:h1 "Trigger"]
[:button {:on-click #(do-the-thing)} "Trigger"]
[:ul]])))
On the Clojure backend I have the app and supporting function defined as follows:
(defn do-the-stuff [req]
(r/response {:response "STUFF"}))
(def app
(reitit-ring/ring-handler
(reitit-ring/router
[["/" {:get {:handler index-handler}}]
["/trigger" {:get {:handler index-handler}}]
["api/"
["trigger/" {:post do-the-stuff}]]
["/about" {:get {:handler index-handler}}]])
(reitit-ring/routes
(reitit-ring/create-resource-handler {:path "/" :root "/public"})
(reitit-ring/create-default-handler))
{:middleware middleware}))
The middleware is the default created by the leiningen reagent template:
(def middleware
[#(wrap-defaults % site-defaults)
wrap-exceptions
wrap-reload])
Currently, whenever I press the trigger button I get a 403 Invalid anti-forgery token
response. I have tried using ring-clojure/ring-anti-forgery with no success. Would greatly appreciate any recomnedations!
Update to fix this problem, in the do-the-stuff
I changed from (ring/response {:response "STUFF"}) to just returning {:response "STUFF"}. This solved my invalid anti-forgery token issues.