trait Authentication[User] extends SecurityDirectives with SessionInfoRemover with SessionUserExtractor[User]
- Self Type
- Authentication[User] with Execution
- Source
- Authentication.scala
- Alphabetic
- By Inheritance
- Authentication
- SessionUserExtractor
- SessionInfoRemover
- SecurityDirectives
- AnyRef
- Any
- Hide All
- Show All
- Public
- All
Type Members
-
type
AsyncAuthenticator[T] = (Credentials) ⇒ Future[Option[T]]
- Definition Classes
- SecurityDirectives
-
type
AsyncAuthenticatorPF[T] = PartialFunction[Credentials, Future[T]]
- Definition Classes
- SecurityDirectives
-
type
AuthenticationResult[+T] = Either[HttpChallenge, T]
- Definition Classes
- SecurityDirectives
-
type
Authenticator[T] = (Credentials) ⇒ Option[T]
- Definition Classes
- SecurityDirectives
-
type
AuthenticatorPF[T] = PartialFunction[Credentials, T]
- Definition Classes
- SecurityDirectives
Abstract Value Members
-
abstract
def
decodeSession(session: String): Session[User]
Decodes session.
Decodes session. Is used in
authenticate
directive which if successful provides user to inner route. authenticate }}} user to inner route.
-
abstract
def
encodeSession(session: Session[User]): String
Encodes session.
Encodes session. Encoded session will be encrypted and set as cookie
SessionCookieName
-
abstract
def
signInUser: AuthenticationDirective[User]
Signs in (logs in) user from http request.
Signs in (logs in) user from http request. Can be implemented as Basic authentication, OAuth ...
Concrete Value Members
-
final
def
!=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
##(): Int
- Definition Classes
- AnyRef → Any
-
final
def
==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- lazy val AppDefaultChallenge: HttpChallenge
- lazy val HttpChallengeRealm: String
-
val
IP: String
- Attributes
- protected
- val RequestedUriCookieName: String
- val SessionCookieName: String
- val SignInPath: String
- val SignedInDefaultPath: String
- val SignedOutPath: String
-
val
UserAgent: String
- Attributes
- protected
-
final
def
asInstanceOf[T0]: T0
- Definition Classes
- Any
-
def
authFailureRoute: Route
Default implementation redirects to 'sign-in' uri
- def authRejectionHandler: RejectionHandler
-
def
authenticate: AuthenticationDirective[User]
Authenticates user and provides authenticated user, updates session cookie.
Authenticates user and provides authenticated user, updates session cookie. On failure executes
authFailureRoute
-
def
authenticateBasic[T](realm: String, authenticator: (Authentication.this)#Authenticator[T]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateBasicAsync[T](realm: String, authenticator: (Authentication.this)#AsyncAuthenticator[T]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateBasicPF[T](realm: String, authenticator: (Authentication.this)#AuthenticatorPF[T]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateBasicPFAsync[T](realm: String, authenticator: (Authentication.this)#AsyncAuthenticatorPF[T]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateOAuth2[T](realm: String, authenticator: (Authentication.this)#Authenticator[T]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateOAuth2Async[T](realm: String, authenticator: (Authentication.this)#AsyncAuthenticator[T]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateOAuth2PF[T](realm: String, authenticator: (Authentication.this)#AuthenticatorPF[T]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateOAuth2PFAsync[T](realm: String, authenticator: (Authentication.this)#AsyncAuthenticatorPF[T]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateOrRejectWithChallenge[C <: HttpCredentials, T](authenticator: (Option[C]) ⇒ Future[(Authentication.this)#AuthenticationResult[T]])(implicit arg0: ClassTag[C]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateOrRejectWithChallenge[T](authenticator: (Option[HttpCredentials]) ⇒ Future[(Authentication.this)#AuthenticationResult[T]]): AuthenticationDirective[T]
- Definition Classes
- SecurityDirectives
-
def
authenticateUser: AuthenticationDirective[Option[User]]
Authenticates user from session cookie
-
def
authorize(check: (RequestContext) ⇒ Boolean): Directive0
- Definition Classes
- SecurityDirectives
-
def
authorize(check: ⇒ Boolean): Directive0
- Definition Classes
- SecurityDirectives
-
def
authorizeAsync(check: (RequestContext) ⇒ Future[Boolean]): Directive0
- Definition Classes
- SecurityDirectives
-
def
authorizeAsync(check: ⇒ Future[Boolean]): Directive0
- Definition Classes
- SecurityDirectives
-
def
clone(): AnyRef
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( ... ) @native() @HotSpotIntrinsicCandidate()
- def decryptSession(session: String): String
-
def
encryptSession(session: String): String
For session debugging, override to disable encryption but ensure session is cookie-compatible:
For session debugging, override to disable encryption but ensure session is cookie-compatible:
session.replace(",", "~").replace("\"", "'")
In that case, 'decryption' would be:
session.replace("~", ",").replace("'", "\"")
-
final
def
eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
def
equals(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
def
extractCredentials: Directive1[Option[HttpCredentials]]
- Definition Classes
- SecurityDirectives
-
def
extractSession: Directive1[Option[Session[User]]]
Extract session from session id cookie.
Extract session from session id cookie. If cookie does not exist throws rejection
- def extractSessionToken(user: User): Directive[(String, Long)]
- def extractUserAgent: Directive[(Option[String])]
-
def
extractUserFromSession: Directive1[Option[User]]
Extracts user from session, returns some user if session cookie is found and can be decoded, however, session is not validated
Extracts user from session, returns some user if session cookie is found and can be decoded, however, session is not validated
- Definition Classes
- Authentication → SessionUserExtractor
-
final
def
getClass(): Class[_]
- Definition Classes
- AnyRef → Any
- Annotations
- @native() @HotSpotIntrinsicCandidate()
-
def
hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @native() @HotSpotIntrinsicCandidate()
- val httpOnlyCookies: Boolean
- val isAjaxRequest: Directive[Unit]
-
final
def
isInstanceOf[T0]: Boolean
- Definition Classes
- Any
-
final
def
ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
final
def
notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native() @HotSpotIntrinsicCandidate()
-
final
def
notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native() @HotSpotIntrinsicCandidate()
- def remoteAddressToString(a: RemoteAddress): String
-
def
removeSessionCookie: Directive0
Deletes session-id cookie if exists
Deletes session-id cookie if exists
- Attributes
- protected
-
def
removeSessionInfoFromRequest(req: HttpRequest): Self
Removes session info from request, used by org.wabase.DeferredControl to calculate stable request hash
Removes session info from request, used by org.wabase.DeferredControl to calculate stable request hash
- Definition Classes
- Authentication → SessionInfoRemover
-
def
reqestedUriCookieTransformer(cookie: HttpCookie): HttpCookie
On failed authentication sets requested-uri cookie if request has not been Ajax
On failed authentication sets requested-uri cookie if request has not been Ajax
- Attributes
- protected
- val secureCookies: Boolean
-
def
sessionCookieTransformer(cookie: HttpCookie): HttpCookie
- Attributes
- protected
- val sessionTimeOut: Long
-
def
setRequestedUriCookie: Directive[Unit]
- Attributes
- protected
- def setSessionCookie(user: User): Directive0
- def signIn: Route
-
def
signInFailedRoute(rejections: Seq[Rejection]): Route
Default implementation returns http Unauthorized with optional challenge
-
def
signInSuccessRoute(user: User): (RequestContext) ⇒ Future[RouteResult]
Default implementation redirects to uri value stored in cookie
Default implementation redirects to uri value stored in cookie
RequestedUriCookieName
or if cookie is missing redirects to /
- def signOut: Route
-
def
signOutRoute: Route
Default implementation redirects to /
-
def
signOutUser(user: User): Future[Done]
Signs out (logs out) user.
Signs out (logs out) user. Can do all necessary cleanup. Session cookie
SessionCookieName
is deleted by
signOut
directive. Default implementation does nothing. signOut }}}
-
final
def
synchronized[T0](arg0: ⇒ T0): T0
- Definition Classes
- AnyRef
-
def
toString(): String
- Definition Classes
- AnyRef → Any
- def uniqueSessionId: String
-
def
userInfo(implicit user: User): String
String representation of user
-
def
validateSession(session: Session[User], ip: RemoteAddress, userAgent: Option[String]): Boolean
Checks whether expiration time greater than current time and session ip and user agent matches with those of request
-
final
def
wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... ) @native()
-
final
def
wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )