AuthActions

Type Members

trait AbstractApiAuthAction extends ActionBuilder[UserRequest, AnyContent]

Abstraction for API auth actions allowing to mix in custom results for each of the different error scenarios.
trait PlainErrorResponses extends AnyRef

Abstract Value Members

abstract def authCallbackUrl: String

The auth callback url.
The auth callback url. This is where google will send the user after authentication. This action on this url should invoke processGoogleCallback
abstract def controllerComponents: ControllerComponents
abstract def panDomainSettings: PanDomainAuthSettingsRefresher
abstract def validateUser(authedUser: AuthenticatedUser): Boolean

Returns true if the authed user is valid in the implementing system (meets your multifactor requirements, you recognise the email etc.).
Returns true if the authed user is valid in the implementing system (meets your multifactor requirements, you recognise the email etc.).
If your implementing application needs to audit logins / register new users etc then this ia also the place to do it (although in this case you should strongly consider setting cacheValidation to true).
returns
true if the user is valid in your app
abstract def wsClient: WSClient

Play application components that you must provide in order to use AuthActions

Concrete Value Members

final def !=(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def ##(): Int

Definition Classes
AnyRef → Any
final def ==(arg0: Any): Boolean

Definition Classes
AnyRef → Any
val ANTI_FORGERY_KEY: String
object APIAuthAction extends AbstractApiAuthAction with PlainErrorResponses

Action that ensures the user is logged in and validated.
Action that ensures the user is logged in and validated.
This action is for API / XHR type requests where the user can't be sent to the auth provider for auth. In the cases where the auth is not valid response codes are sent to the requesting app and the javascript that initiated the request should handle these appropriately
If the user is not authed then a 401 response is sent, if the auth has expired then a 419 response is sent, if the user is authed but not allowed to perform the action a 403 is sent
If the user is authed or has an expiry extension, a 200 is sent
object AuthAction extends ActionBuilder[UserRequest, AnyContent]

Action that ensures the user is logged in and validated.
Action that ensures the user is logged in and validated.
This action is for page load type requests where it is possible to send the user for auth and for them to interact with the auth provider. For API / XHR type requests use the APIAuthAction
if the user is not authed or the auth has expired they are sent for authentication
val GoogleAuth: GoogleAuth
val LOGIN_ORIGIN_KEY: String

A Play session key that stores the target URL that was being accessed when redirected for authentication
def apiGracePeriod: Long

Adding an expiry extension to APIAuthActions allows for a delay between an applications authentication and their respective API XHR calls expiring.
Adding an expiry extension to APIAuthActions allows for a delay between an applications authentication and their respective API XHR calls expiring.
By default this is 0 and thus disabled.
This is particularly useful for SPAs where users have third party cookies disabled.
returns
the amount of delay between App and API expiry in milliseconds
final def asInstanceOf[T0]: T0

Definition Classes
Any
def cacheValidation: Boolean

By default the validity of the user is checked every request.
By default the validity of the user is checked every request. If your validateUser implementation is expensive or has side effects you can override this to true and validity will only be checked the first time the user visits your app after their login is established.
Note the the cache is invalidated after the user's session is re-established with google.
returns
true if you want to only check the validity of the user once for the lifetime of the user's auth session
def checkMultifactor(authedUser: AuthenticatedUser): Boolean
def clone(): AnyRef

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( ... )
final def eq(arg0: AnyRef): Boolean

Definition Classes
AnyRef
def equals(arg0: Any): Boolean

Definition Classes
AnyRef → Any
def extractAuth(request: RequestHeader): AuthenticationStatus

Extract the authentication status from the request.
def finalize(): Unit

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( classOf[java.lang.Throwable] )
def flushCookie(result: Result): Result
def generateCookies(authedUser: AuthenticatedUser): List[Cookie]
final def getClass(): Class[_]

Definition Classes
AnyRef → Any
val groupChecker: Option[GoogleGroupChecker]
def hashCode(): Int

Definition Classes
AnyRef → Any
def includeSystemInCookie(authedUser: AuthenticatedUser)(result: Result): Result
def invalidUserMessage(claimedAuth: AuthenticatedUser): String

Generates the message shown to the user when user validation fails.
Generates the message shown to the user when user validation fails. override this to add a custom error message
final def isInstanceOf[T0]: Boolean

Definition Classes
Any
val multifactorChecker: Option[Google2FAGroupChecker]
final def ne(arg0: AnyRef): Boolean

Definition Classes
AnyRef
final def notify(): Unit

Definition Classes
AnyRef
final def notifyAll(): Unit

Definition Classes
AnyRef
def processGoogleCallback()(implicit request: RequestHeader): Future[Result]
def processLogout(implicit request: RequestHeader): Result
def readAuthenticatedUser(request: RequestHeader): Option[AuthenticatedUser]
def readCookie(request: RequestHeader): Option[Cookie]
def sendForAuth[A](implicit request: RequestHeader, email: Option[String] = None): Future[Result]

starts the authentication process for a user.
starts the authentication process for a user. By default this just sends the user off to google for auth but if you want to show welcome page with a button on it then override.
def showUnauthedMessage(message: String)(implicit request: RequestHeader): Result

invoked when the user is not logged in a can't be authed - this may be when the user is not valid in yur system or when they have exoplicitly logged out.
invoked when the user is not logged in a can't be authed - this may be when the user is not valid in yur system or when they have exoplicitly logged out.
Override this to add a logged out screen and display maeesages for your app. The default implementation is to ust return a 403 response
final def synchronized[T0](arg0: ⇒ T0): T0

Definition Classes
AnyRef
def toString(): String

Definition Classes
AnyRef → Any
final def wait(): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long, arg1: Int): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )

Related Doc: package action

trait AuthActions extends AnyRef

Type Members

trait AbstractApiAuthAction extends ActionBuilder[UserRequest, AnyContent]

trait PlainErrorResponses extends AnyRef

Abstract Value Members

abstract def authCallbackUrl: String

abstract def controllerComponents: ControllerComponents

abstract def panDomainSettings: PanDomainAuthSettingsRefresher

abstract def validateUser(authedUser: AuthenticatedUser): Boolean

abstract def wsClient: WSClient

Concrete Value Members

final def !=(arg0: Any): Boolean

final def ##(): Int

final def ==(arg0: Any): Boolean

val ANTI_FORGERY_KEY: String

object APIAuthAction extends AbstractApiAuthAction with PlainErrorResponses

object AuthAction extends ActionBuilder[UserRequest, AnyContent]

val GoogleAuth: GoogleAuth

val LOGIN_ORIGIN_KEY: String

def apiGracePeriod: Long

final def asInstanceOf[T0]: T0

def cacheValidation: Boolean

def checkMultifactor(authedUser: AuthenticatedUser): Boolean

def clone(): AnyRef

final def eq(arg0: AnyRef): Boolean

def equals(arg0: Any): Boolean

def extractAuth(request: RequestHeader): AuthenticationStatus

def finalize(): Unit

def flushCookie(result: Result): Result

def generateCookies(authedUser: AuthenticatedUser): List[Cookie]

final def getClass(): Class[_]

val groupChecker: Option[GoogleGroupChecker]

def hashCode(): Int

def includeSystemInCookie(authedUser: AuthenticatedUser)(result: Result): Result

def invalidUserMessage(claimedAuth: AuthenticatedUser): String

final def isInstanceOf[T0]: Boolean

val multifactorChecker: Option[Google2FAGroupChecker]

final def ne(arg0: AnyRef): Boolean

final def notify(): Unit

final def notifyAll(): Unit

def processGoogleCallback()(implicit request: RequestHeader): Future[Result]

def processLogout(implicit request: RequestHeader): Result

def readAuthenticatedUser(request: RequestHeader): Option[AuthenticatedUser]

def readCookie(request: RequestHeader): Option[Cookie]

def sendForAuth[A](implicit request: RequestHeader, email: Option[String] = None): Future[Result]

def showUnauthedMessage(message: String)(implicit request: RequestHeader): Result

final def synchronized[T0](arg0: ⇒ T0): T0

def toString(): String

final def wait(): Unit

final def wait(arg0: Long, arg1: Int): Unit

final def wait(arg0: Long): Unit

Inherited from AnyRef

Inherited from Any

Ungrouped