Change the auth handler code in the server to play better with the resp macro (again).

src/main/nim/strawbosspkg/server.nim

@@ -1,7 +1,6 @@
 import algorithm, asyncdispatch, bcrypt, jester, json, jwt, os, osproc,
   sequtils, strutils, tempfile, times, unittest
 
-import logging
 import ./configuration, ./core, private/util
 
 type Worker = object
@@ -107,9 +106,9 @@ proc makeAuthToken*(cfg: StrawBossConfig, uname, pwd: string): string =
   if not validatePwd(user, pwd): raiseEx "invalid username or password"
   result = toJWT(cfg, newSession(user))
 
-template withSession(body: untyped): untyped =
+template checkAuth() =
   var session {.inject.}: Session
-  var authed = false
+  var authed {.inject.} = false
 
   try:
     session = extractSession(cfg, request)
@@ -118,8 +117,6 @@ template withSession(body: untyped): untyped =
     debug "Auth failed: " & getCurrentExceptionMsg()
     resp(Http401, makeJsonResp(Http401), JSON)
 
-  if authed: body
-
 proc start*(cfg: StrawBossConfig): void =
 
   let stopFuture = newFuture[void]()
@@ -139,27 +136,36 @@ proc start*(cfg: StrawBossConfig): void =
         resp("\"" & $authToken & "\"", JSON)
       except: resp(Http401, makeJsonResp(Http401, getCurrentExceptionMsg()), JSON)
 
-    get "/verify-auth": withSession:
+    get "/verify-auth":
+      checkAuth(); if not authed: return true
+
       resp(Http200, $(%*{ "username": session.user.name }), JSON)
 
-    get "/projects": withSession:
-      # List project summaries (ProjectDefs only)
+    get "/projects":
+      ## List project summaries (ProjectDefs only)
+
+      checkAuth(); if not authed: return true
+
       resp($(%(cfg.projects)), JSON)
 
-    post "/projects": withSession:
-      # Create a new project definition
+    post "/projects":
+      ## Create a new project definition
+
+      checkAuth(); if not authed: return true
+
       resp(Http501, makeJsonResp(Http501), JSON)
 
-    get "/project/@projectName/@version?": withSession:
+    get "/project/@projectName/@version?":
       ## Get a detailed project record including step definitions (ProjectConfig).
 
+      checkAuth(); if not authed: return true
+
       # Make sure we know about that project
       var project: ProjectDef
       try: project = cfg.findProject(@"projectName")
       except: resp(Http404, makeJsonResp(Http404, getCurrentExceptionMsg()), JSON)
 
       # Given version
-
       var cachedFilePath: string
       if @"version" != "":
         cachedFilePath = cfg.artifactsRepo & "/" & project.name &
@@ -185,21 +191,32 @@ proc start*(cfg: StrawBossConfig): void =
           cachedFilePath & "\n\t Reason: " & getCurrentExceptionMsg()
         resp(Http500, makeJsonResp(Http500, "could not read cached project configuration"), JSON)
 
-    get "/api/project/@projectName/active": withSession:
-      # List all currently active runs
+    get "/api/project/@projectName/active":
+      ## List all currently active runs
+
+      checkAuth(); if not authed: return true
+
       resp(Http501, makeJsonResp(Http501), JSON)
 
-    get "/api/project/@projectName/@stepName": withSession:
+    get "/api/project/@projectName/@stepName":
+      ## Get step details including runs.
+
+      checkAuth(); if not authed: return true
 
-      # Get step details including runs.
       resp(Http501, makeJsonResp(Http501), JSON)
 
-    get "/api/project/@projectName/@stepName/run/@buildRef": withSession:
-      # Get detailed information about a run
+    get "/api/project/@projectName/@stepName/run/@buildRef":
+      ## Get detailed information about a run
+
+      checkAuth(); if not authed: return true
+
       resp(Http501, makeJsonResp(Http501), JSON)
 
     post "/project/@projectName/@stepName/run/@buildRef?":
       # Kick off a run
+
+      checkAuth(); if not authed: return true
+
       workers.add(spawnWorker(RunRequest(
         projectName: @"projectName",
         stepName: @"stepName",