如何扩展Play2 scala Zentarks身份验证以自动获取用户
在Play2的示例中,我们有一个方法如何扩展Play2 scala Zentarks身份验证以自动获取用户,scala,playframework,playframework-2.0,Scala,Playframework,Playframework 2.0,在Play2的示例中,我们有一个方法 def isAuthenticated(f: => String => Request[AnyContent] => Result) = { Security.Authenticated(username, onUnauthorized) { user => Action(request => f(user)(request)) } } 我想做的是添加另一种方法,如果我想直接从数据库获取用户,可以使用这种方法
def isAuthenticated(f: => String => Request[AnyContent] => Result) = {
Security.Authenticated(username, onUnauthorized) { user =>
Action(request => f(user)(request))
}
}
def method() = isAuthenticated { username => implicit request =>
UserDAO.findOneByEmail(username).map { user =>
Ok(html.user.view(user))
}.getOrElse(Forbidden)
}
有什么建议吗?半解决方案是将获取用户数据的步骤封装到某个函数中,并从模板级别(而不是每个操作)调用它,因为每个模板都只是一个scala函数 由于这种方法,如果您有多个操作使用同一视图(甚至布局),您不必每次都获取记录的用户,即: 在
用户视图中@defining(Application.getLoggedUser){ user =>
@yourlayout("Welcome") {
<h2>Hello @user.name</h2>
...
}
}
@defining(Application.getLoggedUser){user=>
@yourlayout(“欢迎”){
你好@user.name
...
}
}
用户视图中@defining(Application.getLoggedUser){ user =>
@yourlayout("Welcome") {
<h2>Hello @user.name</h2>
...
}
}
@defining(Application.getLoggedUser){user=>
@yourlayout(“欢迎”){
你好@user.name
...
}
}
IsAuthenticatedUserUser=>Request[AnyContent]=>Result类型的参数:
def IsAuthenticatedUser(f:User=>Request[AnyContent]=>Result)=IsAuthenticated{email=>Request=>
UserDAO.findOneByEmail(email.map{user=>
f(用户)(请求)
}.getOrElse(禁止)
}
然后,您可以按如下方式使用它:
def method=IsAuthenticatedUser{user=>request=>
Ok(html.user.view(用户))
}
您可以定义另一种方法,例如IsAuthenticatedUser
,该方法将采用User=>Request[AnyContent]=>Result类型的参数:
def IsAuthenticatedUser(f:User=>Request[AnyContent]=>Result)=IsAuthenticated{email=>Request=>
UserDAO.findOneByEmail(email.map{user=>
f(用户)(请求)
}.getOrElse(禁止)
}
然后,您可以按如下方式使用它:
def method=IsAuthenticatedUser{user=>request=>
Ok(html.user.view(用户))
}
这是最终的解决方案
trait Secured {
def username(request: RequestHeader) = request.session.get(Security.username)
def onUnauthorized(request: RequestHeader) = Results.Redirect(routes.Application.login)
def withAuth(f: => String => Request[AnyContent] => Result) = {
Security.Authenticated(username, onUnauthorized) { user =>
Action(request => f(user)(request))
}
}
def withUser(f: User => Request[AnyContent] => Result) = withAuth { username => implicit request =>
UserDAO.findOneByUsername(username).map { user =>
f(user)(request)
}.getOrElse(onUnauthorized(request))
}
}
用法:
object Application extends Controller with Secured {
def index = withAuth { username => implicit request =>
Ok(html.index(username))
}
def user() = withUser { user => implicit request =>
val username = user.username
Ok(html.user(user))
}
}
如您所见,如果会话不存在,用户将被重定向到trait中指定的登录页面
如果在DAO中找不到用户名,情况也是如此。这是最终的解决方案
trait Secured {
def username(request: RequestHeader) = request.session.get(Security.username)
def onUnauthorized(request: RequestHeader) = Results.Redirect(routes.Application.login)
def withAuth(f: => String => Request[AnyContent] => Result) = {
Security.Authenticated(username, onUnauthorized) { user =>
Action(request => f(user)(request))
}
}
def withUser(f: User => Request[AnyContent] => Result) = withAuth { username => implicit request =>
UserDAO.findOneByUsername(username).map { user =>
f(user)(request)
}.getOrElse(onUnauthorized(request))
}
}
用法:
object Application extends Controller with Secured {
def index = withAuth { username => implicit request =>
Ok(html.index(username))
}
def user() = withUser { user => implicit request =>
val username = user.username
Ok(html.user(user))
}
}
如您所见,如果会话不存在,用户将被重定向到trait中指定的登录页面
如果在DAO中找不到用户名,情况也是如此