Play 框架:如何要求某些操作(而非全部)登录 [英] Play framework: How to require login for some actions, but not all
本文介绍了Play 框架:如何要求某些操作(而非全部)登录的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
将 @With(Secure.class)
添加到控制器会阻止所有未经身份验证的访问.有没有办法只为某些动作启用它,或者在控制器上启用它后排除某些动作?
Adding @With(Secure.class)
to a controller blocks all unauthenticated access. Is there a way to enabled it only for certain actions, or to except certain actions after it's enabled on a controller?
推荐答案
你不能用安全模块做到这一点.正如 Niels 所说,安全模块与其说是解决方案,不如说是一个示例.您可以使用 @Before 注释构建自己的安全系统.下面是一个例子:
You can't do that with the secure module. As Niels said the secure module is more an example than a solution. You can build your own security system with the @Before annotation. Here is an example:
public class Admin extends Controller {
@Before(unless={"login", "authenticate", "logout", "otherMethod"})
void checkAccess() {
// check the cookie
}
public void login() {
render();
}
public void authenticate(String email, String password) {
// check the params and set a value in the cookie
}
public void logout() {
// delete cookie
}
建议您阅读安全模块的源代码.
I recommend you to read the source code of the secure module.
这篇关于Play 框架:如何要求某些操作(而非全部)登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文