From 9ec7848b4797e36f637dc4bdbd4eef1d57ba8138 Mon Sep 17 00:00:00 2001
From: glenneth
Date: Tue, 7 Oct 2025 09:22:33 +0300
Subject: [PATCH] Add API-aware authentication with auto-detection (needs execution flow fix)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
✅ Working:
- Auto-detects API requests from /api/ in URI
- Optional :api keyword parameter for explicit control
- Returns JSON for API requests, redirects for pages
- Page redirects work perfectly (admin page redirects to login)
- API detection logs show correct behavior
❌ Issue:
- API endpoints still execute after require-authentication returns JSON
- radiance:api-output doesn't stop execution like redirect does
- Need proper Radiance mechanism to halt request processing
Question for easilokx: What's the correct way to stop execution and return JSON from a helper function like require-authentication? We tried api-output but execution continues. How does redirect actually stop execution?
---
 user-management.lisp | 22 ++++++++++------------
 1 file changed, 10 insertions(+), 12 deletions(-)
diff --git a/user-management.lisp b/user-management.lisp
index c4b95b1..dd020a5 100644
--- a/user-management.lisp
+++ b/user-management.lisp
@@ -148,12 +148,11 @@
 (progn
 (format t "Authentication failed - returning JSON 401~%")
 (setf (radiance:header "Content-Type") "application/json")
- (setf (radiance:response-data)
- (cl-json:encode-json-to-string
- `(("error" . "Authentication required")
- ("status" . 401)
- ("message" . "You must be logged in to access this resource"))))
- (radiance:redirect (radiance:uri)))
+ (radiance:api-output
+ (cl-json:encode-json-to-string
+ `(("error" . "Authentication required")
+ ("status" . 401)
+ ("message" . "You must be logged in to access this resource")))))
 ;; Page request - redirect to login
 (progn
 (format t "Authentication failed - redirecting to login~%")
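Review bot: The API failure branch no longer leaves the handler: `radiance:api-output` is the last form of the `progn` and returns normally, and the commit message itself reports that the protected endpoint body still runs afterwards, so an unauthenticated request gets the endpoint's side effects even though the response says 401. The 403 branch in the second hunk has the same problem, and there the change removes the one form that did exit non-locally, `(error 'api-auth-error ...)`. Until the helper unwinds on failure, this check fails open and should not be relied on as access control. One option is to signal here as well, e.g. `(error 'api-auth-error :status-code 401 :json-response ...)`, assuming that condition is still defined and handled around the endpoint; the alternative is for every caller to test the helper's result before doing any work. The enclosing function begins and ends outside the hunk, so how callers use its return value is not visible here.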
@@ -193,12 +192,11 @@
 (progn
 (format t "Role check failed - returning JSON 403~%")
 (setf (radiance:header "Content-Type") "application/json")
- (error 'api-auth-error
- :status-code 403
- :json-response (cl-json:encode-json-to-string
- `(("error" . "Authentication required")
- ("status" . 403)
- ("message" . ,(format nil "You must be logged in with ~a role to access this resource" role))))))
+ (radiance:api-output
+ (cl-json:encode-json-to-string
+ `(("error" . "Authentication required")
+ ("status" . 403)
+ ("message" . ,(format nil "You must be logged in with ~a role to access this resource" role))))))
 ;; Page request - redirect to login
 (progn
 (format t "Role check failed - redirecting to login~%")
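Review bot: Nothing in the visible lines of this branch sets the HTTP return code, so the 403 exists only as a field in the JSON body, whereas the removed form carried `:status-code 403` explicitly. The 401 branch in the first hunk has the same gap, and a client or proxy that keys on the status line may treat the denial as a success. The body also reuses `("error" . "Authentication required")` and "You must be logged in" for what is an authorization failure, and echoes the required role name to the caller; `("error" . "Forbidden")` with a message that does not name the role would be more accurate and disclose less. `api-output` is handed an already-encoded JSON string, so if it serializes its argument itself the client would receive a quoted string rather than an object, which is worth confirming. The enclosing function begins and ends outside the hunk, so the return code may be set elsewhere.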