by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    milanvdmria
    @milanvdmria
    Hi :)
    Little question
    val routes: Route =
        baseRoutes ~
          authenticationRoutes ~
          requiredSession(oneOff, usingHeaders) { session =>
            if (AuthenticationHandler.isExpired(session.expiryDate)) {
              reject(AuthorizationFailedRejection)
            } else {
              new GraphqlRoutes(session.userId).graphqlRoutes
            }
          }
    This is what I currently have for routing
    But Im still getting through to my GraphQL route without any session.
    Any possible reason on why?
    milanvdmria
    @milanvdmria
    Including the following warning:
    [WARN] [06/07/2017 23:27:25.246] [pt-system-akka.actor.default-dispatcher-6] [akka.actor.ActorSystemImpl(pt-system)] Illegal request header: Illegal 'authorization' header: Invalid input '=', expected auth-param, OWS, token68, 'EOI' or tchar (line 1, column 332): <JWT_TOKEN>
    milanvdmria
    @milanvdmria
    I solved it by bringing the check inside the get directive.
    But this means I cannot secure a complete path in one go. I have to repeat it for each path and each get/post.
    Is there a way to do this over a path?
    milanvdmria
    @milanvdmria
    @adamw
    Adam Warski
    @adamw
    right now you have authentiationRoutes besides graphQLRoutes
    so if the request is not served by authRoutes it is then tried to be served by graphQLRoutes
    I think you will have to nest them:
    authenticationRoutes { graphQLRoutes }
    @milanvdmria ^
    milanvdmria
    @milanvdmria
    @adamw But it is not about the AuthenticationRoutes but rather about the sessionRequired. Because my GraphQLRoutes is nested inside of the SessionRequired call and should therefore need a session. Which is currently not the case :)
    Adam Warski
    @adamw
    @milanvdmria ah ... well that obviously shouldn't happen :) what's the session that you get in such cases? It must have some value ...
    milanvdmria
    @milanvdmria
    @adamw Ill have a look when Im home
    milanvdmria
    @milanvdmria
    Seems to be something on my side because now it seems to be working :)
    Patrick Ting
    @pcting
    regarding the dynomite REST route /cluster_describe, the port returned in the response seems to be the gossip/dyn_listen port. is this intended? it'll be nice if it was more specific... ie, listen_port, gossip_port, etc. i've been looking at it to build a TokenMapSupplier
    Adam Warski
    @adamw
    @pcting I'm not sure if it's the right channel? :)
    Patrick Ting
    @pcting
    @adamw whoops, thanks. you're right
    Roberto Leibman
    @rleibman
    hey hi. I'm sure it's been asked endlessly... but I couldn't find any faqs on it... is there a tried and true way of doing Form based authentication? I managed to get BasicAuthentication working in [seriously] a few minutes, but can't find anything for form based auth.
    Roberto Leibman
    @rleibman
    I should have seen that the last traffic here was from almost a year ago... oh well.
    Adam Warski
    @adamw
    @rleibman well I suppose you would just read the form data on the client side and call your authentication logic :) So sth like:
    val mySecureRoute = formFields("user", "password") { (user, password) =>
      onComplete(authorize(user, password)) { result => // authorize: (String, String) => FuturepBoolean
        if (result) {
          setSession(...) { /* app logic */ }
        } else {
          complete(StatusCodes.Forbidden)
        }
      }
    }
    Roberto Leibman
    @rleibman
    It's a bit more complicated than that...with BasicAuth built into akka, I have directives for authenticate and authorize that give me back a user, or reject, forcing the browser to bring up a login dialog. Yes, I understand the login code you posted, but I was hoping of a slightly larger example of usage, with login, logout and the equivalent of authenticate (bonus point for create user, forgot password). The ScalaExample in git is actually pretty close.
    Adam Warski
    @adamw
    @rleibman a bit late, sorry, but maybe https://github.com/softwaremill/bootzooka will also be interesting
    Roberto Leibman
    @rleibman
    I mostly wrangled it by hand... though I'll definitely take a look at that project, thanks.
    Bilal
    @bilal-fazlani
    Hi, is there a support/example that shows integration between akka-http-session and reactjs application?
    bharath619
    @bharath619
    is there any documentation for akka-http-session?
    Adam Warski
    @adamw
    just what's in the repo