Takes a request map req and an authentication state, 2-element vector auth-state. Removes login information from form and body data if its second element does not have a truthy value (meaning that we are NOT on an authentication page which is allowed to process passwords).

Called when coercion exception is thrown by the handler executed earlier in a middleware chain. Takes exception object e, response wrapper respond and raise function.

When a coercion error is detected during request processing, it creates a sequence of maps (by calling amelinium.http.middleware.coercion/explain-errors-simple) where each contains the following keys:

• :parameter/id,
• :parameter/src,
• :parameter/path,
• :parametery/type,
• :error/summary,
• :error/description.

The sequence is then stored in a map identified with the :response/body key of a request map, under the key :parameters/errors. Additionally, the following keys are added to the response body:

• :lang (current language),
• :status (always set to :error/bad-parameters),
• :status/title (a result of translation of the :error/bad-parameters key),
• :status/description (a result of translation of the :error/bad-parameters.full key).

When a coercion error is detected during response processing, it creates a 500 status response with the following body:

• :lang (current language),
• :status (always set to :server-error/internal),
• :status/title (a result of translation of the :server-error/internal key),
• :status/description (a result of translation of the :server-error/internal.full key),
• :sub-status (always set to :output/error),
• :sub-status/title (a result of translation of the :output/error key),
• :sub-status/description (a result of translation of the :output/error.full key).

Default handler for the OPTIONS method. Adds Access-Control-Allow-Methods header with supported methods listed (separated by commas and space characters).

Returns true if :body map of a request contains login data.

Calls render-not-found on req.

Prepares a request before any controller is called. Checks if parameters are valid (if validators are configured). If there is a session present, checks for its validity and tests if an account is locked.

Removes login data from the form params and body part of a request map.

Renders a response by calling render-ok on a req request map. If :response/status key is present in req and is not nil, it will call render-status instead with req and a value associated with this key (which should be a keyword). If :response/fn key is present in req and it is not nil, it should be a function which will be called with req argument.