Open asthanasid opened 8 years ago
iirc : simply declare Session
as parameter of your method, and use it.
Nope. the method throws a null pointer exception for Session
. I tried both, with and without explicitly setting a SessionHandler
on the router. I could see in the nubes code that CookieHandler
is being set but could not find anywhere in the code where a SessionHandler
is being set. Is there an example i can use?
I'll have a look tomorrow. Auth/Session is the only part of the code I didn't write myself.
(the only place a sessionhandler is set is when you're using an auth provider)
"Version 1.1 should be available shortly" according to bintray.
You should be able to use the Session as a method parameter even though you're not using a built-in authentication mechanism.
Let me know if it suits your needs or not :)
Couple of things:
Auth
annotation and other one was not marked. I did not provide any AuthProvider
. Both paths were served. I was expecting it to throw an exception. Dont know if this is the way it should beShiroAuth
provider ( as this is what i want to use in my app ).
Auth
annotation, cookie vertx-web.session
was not returned in responseAuth
annotation, cookie vertx-web.session
was correctly returned in response, however, re-visiting the unmarked path, the cookie was again not returnedauthProvider
or VertxNubes.setAuthProvider
is the correct waySo my needs ( just to elaborate: would be happy to help, let me know)
vertx-web.session
in response without explicitly mentioning soAuthProvider
. Not a big issue to use set
but for a library promoting Annotation, this would be more in tune :) @Auth
if there is no AuthProvider
set then it should throw an exception rather making the path unsecured.Later today I will try to update the code which can highlight these issues for you
OK. I'll try to rework the auth part completely.
I'm not using it myself (since I've always been using using custom authentication services) and as I mentionned earlier, I did not write this part of the code. I'm not happy with the way it's configured, too.
So I guess it's time (and OAuth2 support coming in vert.x 3.2 has to be added, too) to rewrite this part of Nubes properly.
For the cookie thing, I'll try to create a standard vertx-web app with an authenticated and a public route but I think the problem doesn't lie within Nubes.
I'll try to rethink everything related to auth from scratch. Again, that's not that easy since I've never used it myself.
And may be a login and logout handler annotation on a controller method because nubes is injecting the AuthProvider
which is needed by the FormLoginHanlder
Would you be taking this up soon? Or can I get started on a fork?
I'm in the middle of a move to another city, which means (aside a very very busy schedule) I probably won't be connected to the internet in the upcoming weeks.
If you feel like working on a fork, the licence allows it, so feel free, np at all,
I'll give it a look and help you as soon as I'm able to.
I will need some opinion! Don't to digress away from the library's core philosophy.
For sessions, I am planning to add a type annotation SessionEnabled
toVertxNubes
and NubesServer
. So a SessionHandler
will be set on all routes if initialized as @SessionEnabled VertxNubes nubes = ...
Does it seem ok?
That sounds good on a philosophical point of view :)
.Be careful with the implementation though, I guess if a route is already annotated with auth-realated stuff, the sessionhandler will be attached to the route (be careful you don't attach it twice in that case ;) )
Also, there are a ton of unit tests, you can run them to make sure you didn't break anything (there's ~85-90% code coverage). And also, make sure you compile the tests with the -parameters
options (if you run them in your IDE for example) or some tests won't work.
Have fun :)
There are cookie examples but i could not find session management. Is there a way to ensure session management or Vertx-web session handler should be used? I would prefer not to write my own cookie for session management.