From 6df97df4241595d37dab0dcd429fff91a947ba6c Mon Sep 17 00:00:00 2001
From: Juho Teperi <juho.teperi@iki.fi>
Date: Mon, 28 Jan 2019 22:19:53 +0200
Subject: [PATCH] Add comment

---
 examples/frontend-auth/src/frontend/core.cljs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/frontend-auth/src/frontend/core.cljs b/examples/frontend-auth/src/frontend/core.cljs
index a080532b..17bd99e6 100644
--- a/examples/frontend-auth/src/frontend/core.cljs
+++ b/examples/frontend-auth/src/frontend/core.cljs
@@ -140,6 +140,10 @@
     (fn [new-match]
       (swap! state (fn [state]
                      (if new-match
+                       ;; Only run the controllers, which are likely to call authentcated APIs,
+                       ;; if user has been authenticated.
+                       ;; Alternative solution could be to always run controllers,
+                       ;; check authentication status in each controller, or check authentication status in API calls.
                        (if (:user state)
                          (assoc state :match (assoc new-match :controllers (rfc/apply-controllers (:controllers (:match state)) new-match)))
                          (assoc state :match new-match))))))