Default Interceptors
Description
If your service map does not include the key :io.pedestal.http/interceptors, then Pedestal will create a vector of default interceptors for you.
The default interceptors are added to your service map when you call
either
create-servlet, or create-server.
This document explains which interceptors are added under different conditions. Each interceptor has its own documentation that describes its specific behavior.
Modifying the Default Stack
If your service map already includes the key
:io.pedestal.http/interceptors when you call one of the create-
functions, then Pedestal won’t add the default interceptors. So what
should you do if you want to use the default interceptors, but want to
add your own interceptors to the default stack?
The solution is to call
default-interceptors
yourself, before calling create-server or create-servlet. That
way, default-interceptors can build the default stack, then your
application code has an opportunity to modify it. By the time you call
create-server or create-servlet, the
:io.pedestal.http/interceptors key will have your modified version
of the default interceptors.
Here is an example of adding interceptors to perform authentication
and authorization on every request. (Assuming we have a namespace
auth with functions to construct these interceptors given a
configuration.)
(defn service
[service-map authn-config authz-config]
(-> service-map
(http/default-interceptors) (1)
(update ::http/interceptors conj (auth/authentication-interceptor authn-config)) (2)
(update ::http/interceptors conj (auth/authorization-interceptor authz-config)) (3)
(http/create-server))) (4)| 1 | Attach the default interceptors to our service map |
| 2 | Modify the defaults to add authentication. |
| 3 | modify the defaults to add authorization. |
| 4 | Create the server as usual. This would normally attach the defaults, but will skip that because we’ve set them up ourselves. |
Default Interceptors
Some of the default interceptors are conditional. Pedestal adds them when other parts of the service map indicate a need for an interceptor. These will be noted below.
These are presented in the order that they appear in the interceptor
vector. That means their enter functions will be called in the order
they appear in this document, and their leave functions are called
in reverse order.
log-request
Always added. Logs each request at info level. See Logging
to configure loggers and logging levels.
allow-origin
Added when the service map has a value for :io.pedestal.http/allowed-origins.
not-found
Always added. However, if the service map includes a value for :io.pedestal.http/not-found-interceptor, then that interceptor will be used in this position instead of the built-in.
session
Added when the service map has a value for :io.pedestal.http/enable-session or :io.pedestal.http/enable-csrf.
anti-forgery
Added when the service map includes a value for :io.pedestal.http/enable-csrf.
content-type
Always added.
query-params
Always added.
method-param
Always added.
resource
Added when the service map has a value for :io.pedestal.http/resource-path.
file
Added when the service map has a value for :io.pedestal.http/file-path.
secure-headers
Added when the service map has a non-nil value for :io.pedestal.http/secure-headers or when the service map does not include the key :io.pedestal.http/secure-headers at all.
router
Always added.