Authentication using Unfiltered for Scala
Since it took me a while to figure this out (though it seems very obvious now), here’s how I do HTTP authentication in Unfiltered while preserving the authenticated user for later access.
class User(val name: String)
object User {
def verify(name: String, password: String): Option[User] =
if (
name == "user" &&
password == "pwd"
) {
Some(new User(name))
} else {
None
}
}
class AuthPlan extends Plan {
val AuthFail =
Unauthorized ~> WWWAuthenticate("""Basic realm="/"""")
def intent = {
case GET(Path("/na")) =>
ResponseString("No Authentication needed")
case req @ BasicAuth(u, p) =>
User.verify(u, p) match {
case Some(user) => req match {
case GET(Path("/a")) =>
ResponseString("Hello " + user.name)
case GET(...) =>
// Your other filters
case _ =>
NotFound
}
case None => AuthFail
}
case _ =>
AuthFail
}
}