WebSocket HTTP response handling
137 views
Skip to first unread message
Ahmed Soliman
Jun 24, 2013, 4:42:22 PM6/24/13
to play-fr...@googlegroups.com
Dear Play!ers
I'm trying to get more sensible http-based control over the websocket connection, for example I want to handle authentication. If the *session* doesn't contain a certain key then I should return HTTP Forbidden on the websocket connection request. I cannot do that since the Websocket.using[T] requires the Tuple2[Iteratee, Enumerator] return type, I can return an EOF enumerator but that is not expressive and doesn't feel right to me.
I could do something similar using this snippet of code:
def ws(username: String) = {
if (username == "asoliman")
Action { request =>
Forbidden("Soliman is not allowed here")
}
else
WebSocket.using[String] { request =>
val in = Iteratee.foreach[String]( s => println("got: " + s)).mapDone(_ => println("Disconnected"))
val out = Enumerator[String]("Ahmed", "Mohamed", "Ibrahim").andThen(Enumerator.enumInput(Input.EOF))
(in, out)
}
}
and in the routes file I got:
GET /ws/$username<.*> controllers.Application.ws(username)
So, the point here is that I could capture some parameter from the url and do my check, but I cannot access the "request" parameter at that point and this means I cannot read the session.
Any clue?
Ahmed Soliman - أحمد سليمان
http://www.ahmedsoliman.com
GPG ID: 0xAEEE5042
Plant a tree, save the planet and please don't print this message!
http://www.ahmedsoliman.com
GPG ID: 0xAEEE5042
Plant a tree, save the planet and please don't print this message!
Ahmed Soliman
Jun 24, 2013, 4:56:31 PM6/24/13
to play-fr...@googlegroups.com
Sorry, forgot to add the version [Play 2.1.1]
Ahmed Soliman - أحمد سليمان
http://www.ahmedsoliman.com
GPG ID: 0xAEEE5042
Plant a tree, save the planet and please don't print this message!
http://www.ahmedsoliman.com
GPG ID: 0xAEEE5042
Plant a tree, save the planet and please don't print this message!
Guillaume Bort
Jun 25, 2013, 3:46:32 AM6/25/13
to play-fr...@googlegroups.com
Yes, it's not really possible right now with the current API. Anyway I don't think it really help to send a Forbidden response in this case as it will just make the Javascript WebSocket connection fail with an error.
I would just send a EOF right away to forbid the WebSocket connection.
--
You received this message because you are subscribed to the Google Groups "play-framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to play-framewor...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Guillaume Bort, @guillaumebort – http://guillaume.bort.fr
volker...@eligotech.com
Jun 26, 2013, 2:33:33 AM6/26/13
to play-fr...@googlegroups.com
I was considering overwriting Global.onRouteRequest for a similar problem. At the end we decided to handle this through the returned content, so did not really try it out. But I assume it is possible as the RequestHeader is available there.
Fabio Tiriticco
Oct 28, 2013, 5:36:31 PM10/28/13
to play-fr...@googlegroups.com
Hi all, any news on this?
Reply all
Reply to author
Forward
0 new messages