Question

我使用剪影和播放2.4 ，如果SecuredRequest正文包含错误，我想限制操作。

我知道，我应该使用official docs描述的特征Authorization。

我正在尝试执行以下操作：

case class WithCheck(checkCriteria: String) extends Authorization[User, CookieAuthenticator] {
  def isAuthorized[B](user: User, authenticator: CookieAuthenticator)(implicit request: Request[B], messages: Messages) = {

    Future.successful(user.criteria == checkCriteria)
  }
}

而不是

def myAction = SecuredAction(WithCheck("bar")) { implicit request =>
  val foo = ...// deserialize object from request.body
  val checkCriteria = foo.criteria 
  // do something else here
}

如何在课程checkCriteria中使用WithCheck值？

Answer 1

I found a solution.

Somehow, I was blind to see that isAuthorized has the same request as an implicit parameter. So, the check could be done entirely into the isAuthorized. For example,

case class WithCheck() extends Authorization[User, CookieAuthenticator] {
  def isAuthorized[B](user: User, authenticator: CookieAuthenticator)(implicit request: Request[B], messages: Messages) = {
    val foo = upickle.read[Foo](request.body.toString())
    Future.successful(user.criteria == foo.criteria)
  }
}

使用请求数据剪影授权

1 个答案: