I am trying to manage my user via cookie. It’s not that easy because there is absolutely no documentation about this topic.
With the help of the sample “zentask” I made this:
session("username", filledForm.field("username").value());
public class Secured{
public static Session getSession() {
return Context.current().session();
}
public static String getUsername() {
return getSession().get("username");
}
public static boolean isAuthorized() throws Exception {
String username = getUsername();
if (username == null)
return false;
long userCount = DatabaseConnect.getInstance().getDatastore()
.createQuery(User.class).field("username").equal(username)
.countAll();
if (userCount == 1)
return true;
return false;
}
I am using it like this:
public static Result blank() throws Exception {
if (Secured.isAuthorized())
return ok(Secured.getUsername());
else
return ok(views.html.login.form.render(loginForm));
}
Now I have several questions/problems:
-
1.) Cookie is not dectypted and always looks the same. eg bdb7f592f9d54837995f816498c0474031d44c1a-username%3Akantaki
-
2.) What does the class Security.Authenticator do?
-
3.) I think user management through cookies is a very common problem, does play!2.0 offer me a complete solution? Or is there at least some documentation?
There is also full stack for
authenticationandauthorization– Play Authenticate by Joscha Feth. (available at GitHub)It incorporates ready-to-use sample for Java, which uses concepts of
securesocial+ full Deadbolt 2 (by Steve Chaloner) support. it has:registerandlog inusers with e-mail, Google, Facebook, Foursquare, Twitter, OpenId and custom providers.rolesandpermissions(via Deadbolt 2)There is sample app for Java in it. You can incorporate it to your app.