提升身份验证 [英] Lift Authentication

问题描述

我想为我的Lift应用程序创建一个身份验证路由.

I want to create an authentication route for my Lift Application.

1. 创建一条路线，例如www.myapp.com/user/login
2. 我没有使用Lift表格/模板.表单以JS呈现.
3. 使用电子邮件和密码发送发帖请求.
4. 在收到该POST请求后，调用Lift身份验证.
5. 使用Users.login(email, password)方法来验证凭据.

1. Create a route, for instance www.myapp.com/user/login
2. I am not using Lift forms/templating. The forms are rendered in JS.
3. Send a post request with email and password.
4. Call Lift authentication when that POST request is received.
5. Use the Users.login(email, password) method to validate the credentials.

问: 如何告诉Lift验证通过/user/login传入的凭据?

Q: How do I tell Lift to authenticate the credentials incoming via /user/login?

推荐答案

这过于简单了，但是类似这样的东西将允许您创建可以发布到的URL. JSON提取不是很安全，但是应该让您了解它的工作方式.

This is overly simplistic, but something like this will allow you to create a url that you can post to. The JSON extraction is not very safe, but should give you an idea of how this might work.

LiftRules.dispatch.append(new RestHelper{
  serve {
    case JsonPost("user" :: "login" :: Nil, (json, _)) =>
      //extract JSON from json object to get username and password
      val userEmail:String = (json \ "username").extract[String]
      val password = (json \ "password").extract[String]
      User.login(userEmail, password) match {
        case Full(r) =>
          User.current(true)
          InMemoryResponse(Array(), Nil, Nil, 200)
        case _ => ForbiddenResponse
      }
  }
})

在User.scala中

object User {
  object loggedIn extends SessionVar[Boolean](false)
}

然后，您可以使用if(User.loggedIn.get){ ... }来测试用户是否在任何地方登录.如果您使用LiftRules.statelessDispatch，则该会话将不存在.

Then you can use if(User.loggedIn.get){ ... } to test if the user is logged in anywhere. This will work for anything added to the stateful dispatch, if you use LiftRules.statelessDispatch the session will not exist.

这篇关于提升身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！