Clever Geek Handbook

Sending an unauthorized request to a different action route

I am doing a global filter on all requests to identify that the user making the request is authenticated and does not send them to the login screen.

My global object extends the WithFilters class, which uses an authentication filter:

object Global extends WithFilters(AuthenticationFilter()) { }

My authentication filter:

class AuthenticationFilter  extends Filter {
  def apply(next: (RequestHeader) => Future[Result])(request: RequestHeader): Future[Result] = {
    println("this is the request that will be filtered: " + request)
    if (!authenticated) 
      // How do i send the request to the login Action?
    else 
      next(request)
  }
}

object AuthenticationFilter {
  def apply(actionNames: String*) = new AuthenticationFilter()
}

My question is, what should I do with submitting a non-authenticated user to the Login Action / Route action?

+3


source to share


1 answer


Create a tag for protected routes. In this flag, when unauthenticated requests forward them:

trait Secured {

/**    
 * Retrieve the connected user name from the request header.  
 */   
private def username(request: RequestHeader) = request.session.get("username")

/**    
 * Redirect to login if the user in not authorized.    
 */
private def onUnauthorized(request: RequestHeader) = Results.Redirect(routes.Application.login)


/**    
 * Action for authenticated users.    
 */   
def IsAuthenticated(f: => String => Request[AnyContent] => Result) = Security.Authenticated(username, onUnauthorized) { user =>
  Action(request => f(user)(request))   
}


}


Now define any controllers you want to protect in order to extend this trait and unauthenticated requests will be sent:

object Index extends Controller with Secured
0


source






More articles:


All Articles