Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Token based authentication using Play 2 Framework

I'm buiding an application using Play Framework 2, in Scala. It will be purely RESTful, with calls being made at the moment from a Javascript single page application.

What would be the best way to integrate token-based authentication? There are multiple authentication libraries for Play2 out there, plus the raw Secured trait, but it's not clear which one would be the most convenient.

Thanks for your help and your suggestions

like image 275
Artur Soler Avatar asked Mar 03 '14 18:03

Artur Soler


1 Answers

In case you refer to JWT when you say "token-based", you may want to take a look at this example of implementing HTTP Basic Authentication in Play2, and this answer re: how to implement JWT on a Scala backend. The nice part is that you need neither cookies, nor a cache for authenticated users.

Including content from 1st link for convenience:

def Secured[A](username: String, password: String)(action: Action[A]) = Action(action.parser) { request =>
  request.headers.get("Authorization").flatMap { authorization =>
    authorization.split(" ").drop(1).headOption.filter { encoded =>
      new String(org.apache.commons.codec.binary.Base64.decodeBase64(encoded.getBytes)).split(":").toList match {
        case u :: p :: Nil if u == username && password == p => true
        case _ => false
      }
    }.map(_ => action(request))
  }.getOrElse {
    Unauthorized.withHeaders("WWW-Authenticate" -> """Basic realm="Secured"""")
  }
}

Use as follows:

def myAction = Secured("admin", "1234secret") {
  Action { request =>
    Ok
  }
}
like image 98
Costas Kotsokalis Avatar answered Sep 23 '22 09:09

Costas Kotsokalis