Authentication 第2集:验证don';登录后无法识别用户
我正在尝试使用play2 auth和playframework 2.2.0实现登录,我使用async实现了上一个分支的逻辑,成功登录后,Home操作不识别登录的用户并重定向到再次登录,一些代码: AuthConfig特性:Authentication 第2集:验证don';登录后无法识别用户,authentication,playframework,authorization,playframework-2.2,Authentication,Playframework,Authorization,Playframework 2.2,我正在尝试使用play2 auth和playframework 2.2.0实现登录,我使用async实现了上一个分支的逻辑,成功登录后,Home操作不识别登录的用户并重定向到再次登录,一些代码: AuthConfig特性: trait AuthConfigImpl extends AuthConfig { type Id = String type User = Account type Authority = models.poso.Permission val idTag
trait AuthConfigImpl extends AuthConfig {
type Id = String
type User = Account
type Authority = models.poso.Permission
val idTag: ClassTag[Id] = classTag[Id]
val sessionTimeoutInSeconds: Int = 3600
def resolveUser(id: Id)(implicit ctx: ExecutionContext): Future[Option[User]] = Future.successful(Cache.getAccountJson(id))
def loginSucceeded(request: RequestHeader)(implicit ctx: ExecutionContext): Future[SimpleResult] =
Future.successful(Redirect(routes.Home.test))
def logoutSucceeded(request: RequestHeader)(implicit ctx: ExecutionContext): Future[SimpleResult] =
Future.successful(Redirect(routes.Login2.login))
def authenticationFailed(request: RequestHeader)(implicit ctx: ExecutionContext): Future[SimpleResult] =
Future.successful(Redirect(routes.Login2.login))
def authorizationFailed(request: RequestHeader)(implicit ctx: ExecutionContext): Future[SimpleResult] =
Future.successful(Forbidden("no permission"))
def authorize(user: User, authority: Authority, request: RequestHeader)(implicit ctx: ExecutionContext): Future[Boolean] = Future.successful {
val perm = user.user.permissao.tree.get(request.path).getOrElse(false)
perm match {
case true => true
case _ => false
}
}
}
class Home @Inject() (implicit sessionService: SessionService) extends Controller with AuthElement with AuthConfigImpl {
def test() = StackAction(AuthorityKey -> NormalUser) { implicit request =>
{
val u = loggedIn
//usurio tem permissao
Ok(views.html.home(u.user.email.toString))
// Ok(views.html.home(user.get.email.toString))
}
}
}
class Login2 @Inject() (implicit sessionService: SessionService, loginService: LoginService, userService: UserService) extends Controller with LoginLogout with AuthConfigImpl with Logging {
def authenticate = Action.async { implicit request =>
{
val form = userForm.bindFromRequest
try {
form.fold(
errors => {
Future.successful(BadRequest(views.html.login("", userForm)))
},
other1Form => {
val login = loginService.loginVerify(other1Form.email, other1Form.password)
val uuidGenerate = java.util.UUID.randomUUID.toString
val account = userService.getDataFromUser(other1Form.email)
Cache.addEntry(EhCacheRegion.Cerberus.toString() + SessionProductName.Account.toString(), uuidGenerate, models.poso.Session.toJson(account))
gotoLoginSucceeded(uuidGenerate)
})
} catch {
case login: LoginException => {
val formError = form.withGlobalError(login.msg)
Future.successful(BadRequest(views.html.login("", formError)))
}
case ex: Exception => {
logger.error(ex.getMessage())
Future.successful(BadRequest(views.html.login("", form.withGlobalError("system error"))))
}
case _: Any => {
logger.error("error")
Future.successful(BadRequest("err"))
}
}
}
}
}
确保未设置安全cookie,并尝试在不安全的环境中进行测试。
检查AuthConfig,查看lazy val cookies安全选项,确保未设置安全Cookie,并尝试在不安全的环境中进行测试。
检查AuthConfig,查看lazy val Cookies安全选项是否能够解决此问题?我有一个类似的问题。你能解决这个问题吗?我也有类似的问题。