Reputation: 4496
Authentication with Play! 2.4
I am working on a new Application on Play! 2.4. I have other Applications on 1.4, and am looking how to implement a similar security method as in Play! 1.x.
I created a secure controller as follows:
@With(Security.class)
public abstract class SecureController extends Controller {
}
I then have the Security.class:
public class Security extends Action.Simple {
public F.Promise<Result> call(Http.Context ctx) throws Throwable {
if(ctx.session().containsKey("pwdHash") && ctx.session().containsKey("securityId")){
User user = User.find.where().eq("id",ctx.session().get("securityId")).findUnique();
if(user != null) {
if(user.getAuthToken().equals(ctx.session().get("pwdHash"))) {
// TODO: Don't think this works yet.
ctx.request().setUsername(user.getEmail());
return delegate.call(ctx);
}
}
}
ctx.session().put("referer", ctx.request().path());
return F.Promise.pure(redirect(routes.Logon.doLogon()));
}
}
This works fine, a user can access the pages when validly logged on. But what I would like to do now is have it work as with 1.x, that you can annotate with something like @Check("admin").
In 1.x this could be done by extending Secure.Security and to implement:
public static boolean check(String profile, User user)
Creating the annotation is obviously easy enough:
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD, ElementType.TYPE})
public @interface Check {
UserTask value();
}
But how can I now have the system check on each method of the SecureController if the user has the required rights for the given annotation? In play 1.x there was play.mvc.Before which could be used.
[Edit] My intention is to add something like the following:
@Check(UserTask.REGISTRATION)
public static Result index(int page)
Upvotes: 1
Views: 225
Answers (1)
Reputation: 4496
After some further research I found the solution in the Play! documentation. The above question was already in the right direction, I just needed to extend it by adding the annotation and linking it to the action (and then use the annotation to call on the function).
https://www.playframework.com/documentation/2.4.x/JavaActionsComposition
Upvotes: 1
Related Questions
- Jackson with JSON: Unrecognized field, not marked as ignorable
- How do I change the default port (9000) that Play uses when I execute the "run" command?
- How can I pad an integer with zeros on the left?
- Why is executing Java code in comments with certain Unicode characters allowed?
- How can I create an executable/runnable JAR with dependencies using Maven?
- Download a file with Android, and showing the progress in a ProgressDialog
- How to create RecyclerView with multiple view types
- How to mock void methods with Mockito
- Play's default Security Authentication Filter not hit
- adding an object to a list in play framework