object Security
- Alphabetic
- By Inheritance
- Security
- AnyRef
- Any
- Hide All
- Show All
- Public
- All
Type Members
-
class
AuthenticatedBuilder[U] extends ActionBuilder[[A]AuthenticatedRequest[A, U], AnyContent]
An authenticated action builder.
An authenticated action builder.
This can be used to create an action builder, like so:
class UserAuthenticatedBuilder (parser: BodyParser[AnyContent])(implicit ec: ExecutionContext) extends AuthenticatedBuilder[User]({ req: RequestHeader => req.session.get("user").map(User) }, parser) { @Inject() def this(parser: BodyParsers.Default)(implicit ec: ExecutionContext) = { this(parser: BodyParser[AnyContent]) } }
You can then use the authenticated builder with other action builders, i.e. to use a messagesApi with authentication, you can add:
class AuthMessagesRequest[A](val user: User, messagesApi: MessagesApi, request: Request[A]) extends MessagesRequest[A](request, messagesApi) class AuthenticatedActionBuilder(val parser: BodyParser[AnyContent], messagesApi: MessagesApi, builder: AuthenticatedBuilder[User]) (implicit val executionContext: ExecutionContext) extends ActionBuilder[AuthMessagesRequest, AnyContent] { type ResultBlock[A] = (AuthMessagesRequest[A]) => Future[Result] @Inject def this(parser: BodyParsers.Default, messagesApi: MessagesApi, builder: UserAuthenticatedBuilder)(implicit ec: ExecutionContext) = { this(parser: BodyParser[AnyContent], messagesApi, builder) } def invokeBlock[A](request: Request[A], block: ResultBlock[A]): Future[Result] = { builder.authenticate(request, { authRequest: AuthenticatedRequest[A, User] => block(new AuthMessagesRequest[A](authRequest.user, messagesApi, request)) }) } }
-
class
AuthenticatedRequest[+A, U] extends WrappedRequest[A]
An authenticated request
Value Members
-
final
def
!=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
##(): Int
- Definition Classes
- AnyRef → Any
-
final
def
==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
def
Authenticated[A](userinfo: (RequestHeader) ⇒ Option[A], onUnauthorized: (RequestHeader) ⇒ Result)(action: (A) ⇒ EssentialAction): EssentialAction
Wraps another action, allowing only authenticated HTTP requests.
Wraps another action, allowing only authenticated HTTP requests. Furthermore, it lets users to configure where to retrieve the user info from and what to do in case unsuccessful authentication
For example:
//in a Security trait def username(request: RequestHeader) = request.session.get("email") def onUnauthorized(request: RequestHeader) = Results.Redirect(routes.Application.login) def isAuthenticated(f: => String => Request[AnyContent] => Result) = { Authenticated(username, onUnauthorized) { user => Action(request => f(user)(request)) } } //then in a controller def index = isAuthenticated { username => implicit request => Ok("Hello " + username) }
- A
the type of the user info value (e.g.
String
if user info consists only in a user name)- userinfo
function used to retrieve the user info from the request header
- onUnauthorized
function used to generate alternative result if the user is not authenticated
- action
the action to wrap
- def WithAuthentication[A](userinfo: (RequestHeader) ⇒ Option[A])(action: (A) ⇒ EssentialAction): EssentialAction
-
final
def
asInstanceOf[T0]: T0
- Definition Classes
- Any
-
def
clone(): AnyRef
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @native() @throws( ... )
-
final
def
eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
def
equals(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
def
finalize(): Unit
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( classOf[java.lang.Throwable] )
-
final
def
getClass(): Class[_]
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
def
hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
final
def
isInstanceOf[T0]: Boolean
- Definition Classes
- Any
-
final
def
ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
final
def
notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
final
def
notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
final
def
synchronized[T0](arg0: ⇒ T0): T0
- Definition Classes
- AnyRef
-
def
toString(): String
- Definition Classes
- AnyRef → Any
-
final
def
wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @native() @throws( ... )
- object AuthenticatedBuilder
Deprecated Value Members
-
def
Authenticated(action: (String) ⇒ EssentialAction): EssentialAction
Wraps another action, allowing only authenticated HTTP requests.
Wraps another action, allowing only authenticated HTTP requests.
The user name is retrieved from the (configurable) session cookie, and added to the HTTP request’s
username
attribute. In case of failure it returns an Unauthorized response (401)For example:
//in a Security trait def isAuthenticated(f: => String => Request[AnyContent] => Result) = { Authenticated { user => Action(request => f(user)(request)) } } //then in a controller def index = isAuthenticated { username => implicit request => Ok("Hello " + username) }
- action
the action to wrap
- Annotations
- @deprecated
- Deprecated
(Since version 2.6.0) Use Authenticated(RequestHeader => Option[String])(String => EssentialAction)
-
lazy val
username: String
Key of the username attribute stored in session.
Key of the username attribute stored in session.
- Annotations
- @deprecated
- Deprecated
(Since version 2.6.0) Security.username is deprecated.