Re: [play-framework] play20-auth enlightenment
122 views
Skip to first unread message
Will Sargent
Oct 25, 2012, 3:09:33 PM10/25/12
to play-fr...@googlegroups.com
On Wed, Oct 24, 2012 at 11:39 PM, Jason Jackson <jasonj...@gmail.com> wrote:
> I'm looking at the play20-auth module for scala:
>
> https://github.com/t2v/play20-auth
>
> What I am wanting to accomplish is if I user is authenticated as one
> authority (NormalUser) they are redirected to one route
> (routes.Message.main), but if they are authenticated as another authority
> (Administrator) they are redirected to a different route
> (routes.Admin.main).
>
> Looking at the AuthConfigImpl trait I am not sure if this should be done in
> the loginSucceeded, or how that method should gain access to the users
> authority, of if that should be added to the authorize method, where the
> case statements should be something other than true. There are a lot of
> "tailor this to fit your application" comments in the code, but I'm not
> clear on how this should be tailored, and haven't found any examples which
> use this module that I can dissect.
>
> Can anyone point me in a direction of how to accomplish this, or a sample
> application which uses this module?
I don't know exactly how you do this in play20-auth, but I know the
general theory -- Authlogic and Devise (Rails gems) do this by
specifying multiple sessions, one for each login.
You don't need to go that far, but in the PLAY_SESSION cookie, you
have a map of user ids with the key being things like "userId" and
"adminId". You can have the option to be logged in as both, but in
this case it sounds like you want the loginSucceeded to check for the
value and log you out of the other one.
I've written a sample project based on play20-auth that might make
things a little clearer:
https://github.com/wsargent/play20-rememberme
Will.
> I'm looking at the play20-auth module for scala:
>
> https://github.com/t2v/play20-auth
>
> What I am wanting to accomplish is if I user is authenticated as one
> authority (NormalUser) they are redirected to one route
> (routes.Message.main), but if they are authenticated as another authority
> (Administrator) they are redirected to a different route
> (routes.Admin.main).
>
> Looking at the AuthConfigImpl trait I am not sure if this should be done in
> the loginSucceeded, or how that method should gain access to the users
> authority, of if that should be added to the authorize method, where the
> case statements should be something other than true. There are a lot of
> "tailor this to fit your application" comments in the code, but I'm not
> clear on how this should be tailored, and haven't found any examples which
> use this module that I can dissect.
>
> Can anyone point me in a direction of how to accomplish this, or a sample
> application which uses this module?
I don't know exactly how you do this in play20-auth, but I know the
general theory -- Authlogic and Devise (Rails gems) do this by
specifying multiple sessions, one for each login.
You don't need to go that far, but in the PLAY_SESSION cookie, you
have a map of user ids with the key being things like "userId" and
"adminId". You can have the option to be logged in as both, but in
this case it sounds like you want the loginSucceeded to check for the
value and log you out of the other one.
I've written a sample project based on play20-auth that might make
things a little clearer:
https://github.com/wsargent/play20-rememberme
Will.
Will Sargent
Oct 25, 2012, 3:21:40 PM10/25/12
to play-fr...@googlegroups.com
Okay, more detail -- using AuthController [1] as a guide, you want
another AuthController called "AdminAuthController" -- you want to
change the SessionCookie, either to be (newly created)
AdminSessonCookie or by encoding a map in the regular session cookie,
and you want a new AdminAuthenticationService for logging in as an
admin.
I should probably abstract the session logic into a BaseSession the
same way that Authlogic has Authlogic::Session::Base, but given you're
the first person who's asked...
Will.
[1] https://github.com/wsargent/play20-rememberme/blob/master/app/controllers/AuthController.scala
another AuthController called "AdminAuthController" -- you want to
change the SessionCookie, either to be (newly created)
AdminSessonCookie or by encoding a map in the regular session cookie,
and you want a new AdminAuthenticationService for logging in as an
admin.
I should probably abstract the session logic into a BaseSession the
same way that Authlogic has Authlogic::Session::Base, but given you're
the first person who's asked...
Will.
[1] https://github.com/wsargent/play20-rememberme/blob/master/app/controllers/AuthController.scala
Reply all
Reply to author
Forward
0 new messages