Completed the forms auth demo.

cervatz · Dec 7, 2013 · e55d13d · e55d13d
1 parent 0a53a82
commit e55d13d
Show file tree

Hide file tree

Showing 10 changed files with 97 additions and 32 deletions.
diff --git a/2.2/http/forms-auth-demo/project/build.scala b/2.2/http/forms-auth-demo/project/build.scala
@@ -10,7 +10,7 @@ object FormsAuthDemoBuild extends Build {
   val Name = "Forms Auth Demo"
   val Version = "0.1.0-SNAPSHOT"
   val ScalaVersion = "2.10.0"
-  val ScalatraVersion = "2.2.0"
+  val ScalatraVersion = "2.2.2"
 
   lazy val project = Project (
     "forms-auth-demo",

diff --git a/2.2/http/forms-auth-demo/src/main/scala/ScalatraBootstrap.scala b/2.2/http/forms-auth-demo/src/main/scala/ScalatraBootstrap.scala
@@ -5,5 +5,7 @@ import javax.servlet.ServletContext
 class ScalatraBootstrap extends LifeCycle {
   override def init(context: ServletContext) {
     context.mount(new ProtectedController, "/*")
+    context.mount(new SessionsController, "/sessions/*")
+
   }
 }
diff --git a/2.2/http/forms-auth-demo/src/main/scala/org/scalatra/example/ProtectedController.scala b/2.2/http/forms-auth-demo/src/main/scala/org/scalatra/example/ProtectedController.scala
@@ -1,11 +1,16 @@
 package org.scalatra.example
 
 import org.scalatra._
-import scalate.ScalateSupport
+import org.slf4j.LoggerFactory
+
+class ProtectedController extends FormsAuthDemoStack with AuthenticationSupport {
+
+  val logger = LoggerFactory.getLogger(getClass)
 
-class ProtectedController extends FormsAuthDemoStack {
 
   get("/") {
+    logger.info("Hitting controller")
+    requireLogin
     <html>
       <body>
         <h1>Hello, world!</h1>

diff --git a/2.2/http/forms-auth-demo/src/main/scala/org/scalatra/example/SessionsController.scala b/2.2/http/forms-auth-demo/src/main/scala/org/scalatra/example/SessionsController.scala
@@ -0,0 +1,28 @@
+package org.scalatra.example
+
+import org.slf4j.LoggerFactory
+
+class SessionsController extends FormsAuthDemoStack with AuthenticationSupport {
+
+  val logger = LoggerFactory.getLogger(getClass)
+
+
+  get("/new") {
+    if (isAuthenticated) redirect("/")
+
+    contentType="text/html"
+    ssp("/sessions/new", "authenticated" -> isAuthenticated)
+  }
+
+  post("/") {
+    logger.info(("Starting authentication"))
+    scentry.authenticate()
+
+    if (isAuthenticated) {
+      redirect("/")
+    }else{
+      redirect("/sessions/new")
+    }
+  }
+
+}
diff --git a/...http/forms-auth-demo/src/main/scala/org/scalatra/example/auth/AuthenticationSupport.scala b/...http/forms-auth-demo/src/main/scala/org/scalatra/example/auth/AuthenticationSupport.scala
@@ -3,20 +3,28 @@ package org.scalatra.example
 import org.scalatra.auth.strategy.{BasicAuthStrategy, BasicAuthSupport}
 import org.scalatra.auth.{ScentrySupport, ScentryConfig}
 import org.scalatra.{ScalatraBase}
+import org.slf4j.LoggerFactory
 
-trait AuthenticationSupport extends ScentrySupport[User] with BasicAuthSupport[User] {
+trait AuthenticationSupport extends ScalatraBase with ScentrySupport[User] {
   self: ScalatraBase =>
 
-  val realm = "Scalatra Basic Auth Example"
+  val mylogger = LoggerFactory.getLogger(getClass)
 
   protected def fromSession = { case id: String => User("1", "timmy", "password")  } // TODO: WTF? 
   protected def toSession   = { case usr: User => usr.id }
 
   protected val scentryConfig = (new ScentryConfig {}).asInstanceOf[ScentryConfiguration]
 
+  protected def requireLogin() = {
+    mylogger.info("requireLogin auth check")
+    if(!isAuthenticated) {
+      redirect("/sessions/new")
+    }
+  }
+
   override protected def configureScentry = {
     scentry.unauthenticated {
-      // scentry.strategies("Basic").unauthenticated()
+      scentry.strategies("UserPassword").unauthenticated()
     }
   }
 

diff --git a/2.2/http/forms-auth-demo/src/main/scala/org/scalatra/example/auth/UserPasswordStrategy.scala b/2.2/http/forms-auth-demo/src/main/scala/org/scalatra/example/auth/UserPasswordStrategy.scala
@@ -3,40 +3,56 @@ package org.scalatra.example
 import org.scalatra.auth.ScentryStrategy
 
 import org.scalatra.{ScalatraBase}
+import javax.servlet.http.{HttpServletResponse, HttpServletRequest}
+import org.slf4j.LoggerFactory
+
 
 /**
  * Authentication strategy to authenticate a user from a username (or email) and password combination.
  */
-class UserPasswordStrategy(protected val app: ScalatraBase)
+class UserPasswordStrategy(protected val app: ScalatraBase)(implicit request: HttpServletRequest, response: HttpServletResponse)
   extends ScentryStrategy[User] {
-
-  private def login = app.params.get("userName")
-  private def password = app.params.get("password")
 
-  private def remoteAddress = {
-    val proxied = app.request.getHeader("X-FORWARDED-FOR")
-    val res = if (proxied != "" ) proxied else app.request.getRemoteAddr
+  override def name: String = "UserPassword"
+  val logger = LoggerFactory.getLogger(getClass)
 
-    res
-  }
 
-  override def isValid = {
-    login.isDefined && password.isDefined
+  private def login = app.params.getOrElse("login", "")
+  private def password = app.params.getOrElse("password", "")
+
+  /***
+    * Determine whether the strategy should be run for the current request.
+    */
+  override def isValid(implicit request: HttpServletRequest) = {
+    logger.info("valid???: " + (login != "" && password != "").toString())
+
+    login != "" && password != ""
   }
 
   /**
    * Authenticates a user by validating the username (or email) and password request params.
    */
-  def authenticate: Option[User] = {
-    User.login(login.get, password.get) match {
+  def authenticate()(implicit request: HttpServletRequest, response: HttpServletResponse): Option[User] = {
+    logger.info("Attempting authentication with UserPasswordStrategy")
+    User.login(login, password) match {
       case None => {
+        logger.info("None on login")
         None
       }
       case Some(usr) => {
+        logger.info("Found user on login")
+
         Some(usr)
       }
     }
   }
 
+  /**
+   * What should happen if the user is currently not authenticated?
+   */
+  override def unauthenticated()(implicit request: HttpServletRequest, response: HttpServletResponse) {
+    app.redirect("/sessions/new")
+  }
+
   protected def getUserId(user: User): String = user.userIdAsString
 }
diff --git a/2.2/http/forms-auth-demo/src/main/scala/org/scalatra/example/models/User.scala b/2.2/http/forms-auth-demo/src/main/scala/org/scalatra/example/models/User.scala
@@ -12,7 +12,6 @@ object User {
 		User.findByLogin(username) match {
 			case Some(user) => {
 		    if(username == user.login && password == user.password){
-		      // updateRememberMe(user)
 		      Some(user)
 		    }else{
 		      None

diff --git a/2.2/http/forms-auth-demo/src/main/webapp/WEB-INF/templates/layouts/default.jade b/2.2/http/forms-auth-demo/src/main/webapp/WEB-INF/templates/layouts/default.jade
diff --git a/2.2/http/forms-auth-demo/src/main/webapp/WEB-INF/templates/layouts/default.ssp b/2.2/http/forms-auth-demo/src/main/webapp/WEB-INF/templates/layouts/default.ssp
@@ -0,0 +1,6 @@
+<%@ val body: String %>
+<html>
+<body>
+    <%= unescape(body) %>
+</body>
+</html>
diff --git a/2.2/http/forms-auth-demo/src/main/webapp/WEB-INF/templates/views/sessions/new.ssp b/2.2/http/forms-auth-demo/src/main/webapp/WEB-INF/templates/views/sessions/new.ssp
@@ -0,0 +1,13 @@
+<p>Please login</p>
+
+<form action="/sessions" method="post">
+    <p>
+        <label>Login:</label>
+        <input type="text" name="login"/><br>
+        <label>Password:</label>
+        <input type="password" name="password"/><br/>
+    </p>
+    <p>
+        <input type="submit">
+    </p>
+</form>