secure social websockets play framework

Question

How do I secure a websocket call in the play framework using scala securesocial?

def statusfeed() = WebSocket.using[String] { implicit request =>
    if (logged in) {
      ...
    else {
    }
}

Thanks,

edit 1:

Tried this but didn't work, always get "not logged in"

def statusfeed() = WebSocket.using[String] { implicit request =>
  var in = Iteratee.ignore[String]
  var out = Enumerator.empty[String]
  session.get("userId").map { sessionId =>
      //sessionId is now userId in session
      //check he is authorise to view page or not   
      //  Ok("user in session")
      def getLoadAverage = {
          "%1.2f" format
            ManagementFactory.getOperatingSystemMXBean.getSystemLoadAverage()
      }

      in = Iteratee.ignore[String]
      out = Enumerator.repeatM {
          Promise.timeout(getLoadAverage, 3 seconds)
      }

  }.getOrElse {
      log.info("not logged in")
      //any thing that you want when he is not in session
      Redirect("/") //NOT IN SESSION REDIRECT TO LOGIN PAGE
  }
  (in, out)
}

edit 2: Replacing userId with SecureSocial.USER_KEY didn't work either

Answer 1

This works, but not idiomatic scala

def getUser(req: RequestHeader):String = {
  val authenticator = SecureSocial.authenticatorFromRequest(req)
  if (authenticator.isEmpty) {
    return null
  } 
  val auth = UserService.find(authenticator.get.identityId)
  auth.get.identityId.userId
}

def statusfeed() = WebSocket.using[String] { implicit request =>
    implicit val req = request
    val user = getUser(req)

....

and then test user != null

---

Or more simply

def statusfeed() = WebSocket.using[String] { implicit request =>
  SecureSocial.currentUser(request) match {
    case Some(userid) => ... success
    case None => ... failed
  }
}