Scala 将未经验证的请求发送到其他操作路由
我在所有请求中实现一个全局过滤器,以识别发出请求的用户是否经过身份验证,如果没有,则将其发送到登录屏幕 我的全局对象扩展使用身份验证筛选器的WithFilters类:Scala 将未经验证的请求发送到其他操作路由,scala,filter,playframework,interceptor,playframework-2.3,Scala,Filter,Playframework,Interceptor,Playframework 2.3,我在所有请求中实现一个全局过滤器,以识别发出请求的用户是否经过身份验证,如果没有,则将其发送到登录屏幕 我的全局对象扩展使用身份验证筛选器的WithFilters类: object Global extends WithFilters(AuthenticationFilter()) { } class AuthenticationFilter extends Filter { def apply(next: (RequestHeader) => Future[Result])(re
object Global extends WithFilters(AuthenticationFilter()) { }
class AuthenticationFilter extends Filter {
def apply(next: (RequestHeader) => Future[Result])(request: RequestHeader): Future[Result] = {
println("this is the request that will be filtered: " + request)
if (!authenticated)
// How do i send the request to the login Action?
else
next(request)
}
}
object AuthenticationFilter {
def apply(actionNames: String*) = new AuthenticationFilter()
}
我的身份验证筛选器:
object Global extends WithFilters(AuthenticationFilter()) { }
class AuthenticationFilter extends Filter {
def apply(next: (RequestHeader) => Future[Result])(request: RequestHeader): Future[Result] = {
println("this is the request that will be filtered: " + request)
if (!authenticated)
// How do i send the request to the login Action?
else
next(request)
}
}
object AuthenticationFilter {
def apply(actionNames: String*) = new AuthenticationFilter()
}
我的问题是如何将未经身份验证的用户发送到登录操作/路由?为安全路由创建特征。在这种情况下,当未经验证的请求传入时,请重定向它们:
trait Secured {
/**
* Retrieve the connected user name from the request header.
*/
private def username(request: RequestHeader) = request.session.get("username")
/**
* Redirect to login if the user in not authorized.
*/
private def onUnauthorized(request: RequestHeader) = Results.Redirect(routes.Application.login)
/**
* Action for authenticated users.
*/
def IsAuthenticated(f: => String => Request[AnyContent] => Result) = Security.Authenticated(username, onUnauthorized) { user =>
Action(request => f(user)(request))
}
}
现在定义您想要保护的任何控制器以扩展该特性,未经验证的请求将被发送出去:
object Index extends Controller with Secured
问题是,我不想为特定的控制器或操作创建身份验证,我希望为每个请求检查身份验证。我不认为您能够在全局对象上执行此操作,因为至少有一个请求(登录页面)必须未经身份验证。让我们假设此操作有效。我该如何将请求转发到登录操作我想您应该在全局对象中放一行:
private def onUnauthorized(请求:RequestHeader)=Results.Redirect(routes.Application.Login)
如果您使用Spring,这将非常容易。只是一个想法