Default Interceptors

Description

If your service map does not include the key :io.pedestal.http/interceptors, then Pedestal will create a vector of default interceptors for you.

The default interceptors are added to your service map when you call either create-servlet, or create-server.

This document explains which interceptors are added under different conditions. Each interceptor has its own documentation that describes its specific behavior.

Modifying the Default Stack

If your service map already includes the key :io.pedestal.http/interceptors when you call one of the create- functions, then Pedestal won’t add the default interceptors. So what should you do if you want to use the default interceptors, but want to add your own interceptors to the default stack?

The solution is to call default-interceptors yourself, before calling create-server or create-servlet. That way, default-interceptors can build the default stack, then your application code has an opportunity to modify it. By the time you call create-server or create-servlet, the :io.pedestal.http/interceptors key will have your modified version of the default interceptors.

Here is an example of adding interceptors to perform authentication and authorization on every request. (Assuming we have a namespace auth with functions to construct these interceptors given a configuration.)

(defn service
  [service-map authn-config authz-config]
  (-> service-map
      (http/default-interceptors)                                                 (1)
      (update ::http/interceptors conj (auth/authentication-interceptor authn-config)) (2)
      (update ::http/interceptors conj (auth/authorization-interceptor authz-config))  (3)
      (http/create-server)))                                                      (4)
1 Attach the default interceptors to our service map
2 Modify the defaults to add authentication.
3 modify the defaults to add authorization.
4 Create the server as usual. This would normally attach the defaults, but will skip that because we’ve set them up ourselves.

Default Interceptors

Some of the default interceptors are conditional. Pedestal adds them when other parts of the service map indicate a need for an interceptor. These will be noted below.

These are presented in the order that they appear in the interceptor vector. That means their enter functions will be called in the order they appear in this document, and their leave functions are called in reverse order.

log-request

Always added. Logs each request at info level. See Logging to configure loggers and logging levels.

allow-origin

Added when the service map has a value for :io.pedestal.http/allowed-origins.

not-found

Always added. However, if the service map includes a value for :io.pedestal.http/not-found-interceptor, then that interceptor will be used in this position instead of the built-in.

session

Added when the service map has a value for :io.pedestal.http/enable-session or :io.pedestal.http/enable-csrf.

anti-forgery

Added when the service map includes a value for :io.pedestal.http/enable-csrf.

content-type

Always added.

query-params

Always added.

method-param

Always added.

resource

Added when the service map has a value for :io.pedestal.http/resource-path.

file

Added when the service map has a value for :io.pedestal.http/file-path.

secure-headers

Added when the service map has a non-nil value for :io.pedestal.http/secure-headers or when the service map does not include the key :io.pedestal.http/secure-headers at all.

router

Always added.