An authenticated action builder.
An authenticated action builder.
This can be used to create an action builder, like so:
// in a Security trait object Authenticated extends AuthenticatedBuilder(req => getUserFromRequest(req)) // then in a controller def index = Authenticated { implicit request => Ok("Hello " + request.user) }
It can also be used from an action builder, for example:
class AuthenticatedDbRequest[A](val user: User, val conn: Connection, request: Request[A]) extends WrappedRequest[A](request) object Authenticated extends ActionBuilder[AuthenticatedDbRequest] { def invokeBlock[A](request: Request[A], block: (AuthenticatedDbRequest[A]) => Future[Result]) = { AuthenticatedBuilder(req => getUserFromRequest(req)).authenticate(request, { authRequest: AuthenticatedRequest[A, User] => DB.withConnection { conn => block(new AuthenticatedDbRequest[A](authRequest.user, conn, request)) } }) } }
An authenticated request
Wraps another action, allowing only authenticated HTTP requests.
Wraps another action, allowing only authenticated HTTP requests.
The user name is retrieved from the (configurable) session cookie, and added to the HTTP request’s
username
attribute. In case of failure it returns an Unauthorized response (401)
For example:
//in a Security trait def isAuthenticated(f: => String => Request[AnyContent] => Result) = { Authenticated { user => Action(request => f(user)(request)) } } //then in a controller def index = isAuthenticated { username => implicit request => Ok("Hello " + username) }
the action to wrap
Wraps another action, allowing only authenticated HTTP requests.
Wraps another action, allowing only authenticated HTTP requests. Furthermore, it lets users to configure where to retrieve the user info from and what to do in case unsuccessful authentication
For example:
//in a Security trait def username(request: RequestHeader) = request.session.get("email") def onUnauthorized(request: RequestHeader) = Results.Redirect(routes.Application.login) def isAuthenticated(f: => String => Request[AnyContent] => Result) = { Authenticated(username, onUnauthorized) { user => Action(request => f(user)(request)) } } //then in a controller def index = isAuthenticated { username => implicit request => Ok("Hello " + username) }
the type of the user info value (e.g. String
if user info consists only in a user name)
function used to retrieve the user info from the request header
function used to generate alternative result if the user is not authenticated
the action to wrap
An authenticated action builder.
An authenticated action builder.
This can be used to create an action builder, like so:
// in a Security trait object Authenticated extends AuthenticatedBuilder(req => getUserFromRequest(req)) // then in a controller def index = Authenticated { implicit request => Ok("Hello " + request.user) }
It can also be used from an action builder, for example:
class AuthenticatedDbRequest[A](val user: User, val conn: Connection, request: Request[A]) extends WrappedRequest[A](request) object Authenticated extends ActionBuilder[AuthenticatedDbRequest] { def invokeBlock[A](request: Request[A], block: (AuthenticatedDbRequest[A]) => Future[Result]) = { AuthenticatedBuilder(req => getUserFromRequest(req)).authenticate(request, { authRequest: AuthenticatedRequest[A, User] => DB.withConnection { conn => block(new AuthenticatedDbRequest[A](authRequest.user, conn, request)) } }) } }
Key of the username attribute stored in session.
Helpers to create secure actions.