Removes login data from req if we are on authentication page.

Called when coercion exception is thrown by the handler executed earlier in a middleware chain. Takes an exception object e, response wrapper respond, and a raise function.

When coercion error is detected during request processing, it creates a map (by calling the amelinium.http.middleware.coercion/map-errors-simple) containing parameter identifiers associated with parameter types (or with nil values if type information is not available).

If there is a session then this map is stored in a session variable :form-errors under the :errors key (additionally, there is a :dest key identifying a path of the current page).

If there is no valid session or a session variable cannot be stored, the result is serialized as a query string parameter form-errors with erroneous fields separated by commas.

If type name is available then a string in a form of parameter:type is generated.

If type name is not available, a simple parameter name is generated. So the example value (before encoding) may look like email,secret:password (email being a parameter without type information, secret being a parameter with type named password).

Next, the originating URI is obtained from the Referer header and a temporary redirect (with HTTP code 307) is generated with this path and a query string containing form-errors parameter. The value of the parameter is empty if form errors were saved in a session variable.

The destination of the redirect can be overriden by the :form-errors/page configuration option associated with HTTP route data.

If the destination URI cannot be established, or if a coercion error happened during handling some previous coercion error (so the current page is where the browser had been redirected to), then instead of generating a redirect, a regular page is rendered with HTTP code of 422. The :app/data key of a request map is updated with:

• :title set to a translated message of :parameters/error,
• :form/errors containing a map:
• :errors mapped to amelinium.http.middleware.coercion/map-errors-simple applied to errors,
• :params mapped to a map containing current parameter values from coercion data,
• :dest mapped to a destination URI;
• :coercion/errors (result of amelinium.http.middleware.coercion/explain-errors-simple applied to coercion data).

When a coercion error is detected during response processing, a web page of HTTP code 500 is rendered. The :app/data key of a request map is updated with the:

• :title (translated message of :output/error),
• :form/errors (result of amelinium.http.middleware.coercion/explain-errors-simple).

Please note that if error is detected in a nested structure of parameter’s value, the whole parameter will be reported as bad.

Injects go-to data (gmap) into a request map req (affected, form-related keys are: :form-params, :query-params and :params; affected, header-related key is referer). Form data is merged only if a go-to URI (:uri key of gmap) matches the URI of a current page. Go-to URI is always injected. When the given gmap is broken, it will set :goto-injected? to true but :goto-uri and :goto to false.

Returns true if :form-params map of a request map req contains login data.

Gets a go-to data from a session variable if it does not yet exist in the req context. Works also for the expired session and only if a go-to URI (:uri key of a map) is the same as the URI of a currently visited page. Uses inject-goto to inject the data.

Go-to data will not be populated (or even tried) if there is no session, or is there is already a value associated with the :goto-injected key, or form params does not contain am/goto parameter of any value (even an empty string or nil).

Prepares a request before any web controller is called.

Removes login data from the form params part of a request map.

Renders page after a specific web controller was called. The :app/view and :app/layout keys are added to the request data by controllers to indicate which view and layout file should be used. Data passed to the template system is populated with common keys which should be present in :app/data. If the :response/fn is set then it will be used instead of web/render-ok to render an HTML response.

Gets go-to data for a valid (and not expired) session. Returns data as a map. The resulting map has, among form data, :session-id entry removed (if found) but :ref-uri, :page and other entries kept.