Comments (5)
Are you using the correct transport in the directives, e.g. setSession(oneOff, usingHeaders, sessionContent)
?
from akka-http-session.
Hi,
Here is a code snippet showing how I have implemented...
trait RestApi extends RepositorySupport {
implicit val system = GlobalInjector.getInjector.instance[ActorSystem]
implicit val timeout = Timeout(60.seconds)
val sessionConfig = SessionConfig.fromConfig()
implicit val sessionManager = new SessionManager[ScSession](sessionConfig)
implicit val refreshTokenStorage = new RefreshTokenStorage[ScSession] {
override def lookup(selector: String): Future[Option[RefreshTokenLookupResult[ScSession]]] = {
tokenRepo.tokenService.findSecureTokenBySelector(selector)
}
override def schedule[S](after: Duration)(op: => Future[S]): Unit = {
???
}
override def store(data: RefreshTokenData[ScSession]): Future[Unit] = {
val token = Token(secureToken = Some(SecureToken(session = data.forSession, selector = data.selector, tokenHash = data.tokenHash, expires = data.expires)))
tokenRepo.tokenService.createSecureToken(token)
}
override def remove(selector: String): Future[Unit] = {
tokenRepo.tokenService.deleteSecureTokenBySelector(selector)
}
}
def mySetSession(v: ScSession) = {
println(s"setting session ${v.token}")
setSession(refreshable, usingHeaders, v)
}
val myRequiredSession = requiredSession(refreshable, usingHeaders)
val myInvalidateSession = invalidateSession(refreshable, usingHeaders)
def serviceManager(implicit system: ActorSystem) = system.actorOf(Props[ServiceManager])
}
The trait above is inherited in the route as below
trait AuthRoutes extends CORSSupport with RestApi {
def authRoutes(implicit executionContext: ExecutionContext): Route = {
cors {
pathPrefix("api" / "v1") {
(post & path("login" / Segment)) { user =>
entity(as[LoginDTO]) { login =>
complete {
serviceManager.ask(Authenticate(login, user)).mapTo[LoginMessage].map {
case msg: LoginSuccess => mySetSession(ScSession(msg.token))
HttpResponse(200, entity = msg.token)
case LoginFailure => HttpResponse(400, entity = "Bad request")
case _ => HttpResponse(400, entity = "Bad request")
}
}
}
} ~
I am sorry for the late response...
Many thanks for your help
from akka-http-session.
I'm not sure if I'm reading your code correctly but mySetSession
is a directive and should be used as such; it doesn't have any side-effects, it needs to wrap other handlers that should complete the request.
I think you are just calling mySetSession
and the returning the response HttpResponse
as two separate statements, so the results of mySetSession
are ignored.
I think the correct usage would be:
onSuccess(serviceManager.ask(Authenticate(login, user)).mapTo[LoginMessage]) {
case msg: LoginSuccess =>
mySetSession(ScSession(msg.token)) {
complete(HttpResponse(...))
}
case ... => complete(...)
}
from akka-http-session.
@adamw oaf! I think you are right. Didn't reason it that way.. I will give it a try and let you know how it goes.
from akka-http-session.
@adamw Many thanks for your prompt intervention... 👍
Still don't know why i didn't use it as a directive as it was very clear in the example.
I guess I got carried away with the ask pattern viz-a-viz. I will close now!
Cheers
from akka-http-session.
Related Issues (20)
- requireSession breaks CORS HOT 3
- RefreshTokenStorage schedule documentation HOT 5
- Infinite loop in RefreshTokenManager HOT 3
- Question: can Cassandra be used as "session"? HOT 2
- Question Regarding unresolved dependency: com.softwaremill#akka-http-session_2.12;0.5.2: not found HOT 2
- on secret management HOT 1
- Redirect unauthenticated request HOT 1
- Session token compatibility across upgrades HOT 8
- Please support Java 9! HOT 2
- Upgrade to akka-stream 2.5 HOT 2
- RSA signing for JWT HOT 1
- Build for Scala 2.13.0 HOT 1
- JWT: Add support for `iss` and `aud` claims HOT 1
- issue refreshing token HOT 7
- Allow separate access/refresh transport
- CSRF protection can be bypassed with empty header and empty cookie HOT 1
- Upgrade to akka streams 2.6.x HOT 2
- CSRF protection can be bypassed HOT 10
- Add SameSite attribute to Cookies HOT 1
- create pekko equivalent? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from akka-http-session.