CODEWITHSUNDEEP
scalafunctional-programmingplayframework-2.0playframework-2.1
user425367
user425367

Reputation:

How to combine body parser and security in Play

I'm using a variant of the security solution implemented in ZenTask in the sample project:

The goal is to combine withAuth and Action(parse.json) but I cant figure out how.

My security trait

def withAuth(f: => Int => Request[AnyContent] => Result) = {
    Security.Authenticated(userid, onUnauthorized) { userid =>
      Action(request => f(userid.toInt)(request))
    }
  }

I want to use plays built in body parser like I normally do:

def newReport() = Action(parse.json) { request =>

Instead of manually parse the body to json in my Controller.

def newReport() = withAuth { userId =>
    { request =>
      request.body.asJson match {
        case Some(json) =>
          json.validate[Report](Reports.readsWithoutUser).map {
            case _: Report =>
              Reports.newReport(_)
              Ok("")
          }.recoverTotal {
            e =>
              val errors = JsError.toFlatJson(e)
              Logger.error(errors.toString)
              BadRequest("Detected error:" + errors)
          }
        case None => BadRequest("Json object missing from request")
      }
    }

Upvotes: 3

Views: 1263

Answers (1)

Marius Soutier
Marius Soutier

Reputation: 11274

Then you should simply use the overloaded Action that takes a body parser (apply[A](bodyParser: BodyParser[A])(block: Request[A] => Result)).

def withAuth[A](p: BodyParser[A])(f: => Int => Request[A] => Result): Action[(Action[A], A)] = {
  Security.Authenticated(userid, onUnauthorized) { userid =>
    Action(p)(request => f(userid.toInt)(request))
  }
}

// Convenience for when you don't need a BP
def withAuth(f: => Int => Request[AnyContent] => Result): Action[(Action[AnyContent], AnyContent)] = {
  withAuth(BodyParsers.parse.anyContent)(f)
}

Upvotes: 2

Related Questions