search

perwendel / spark

A simple expressive web framework for java. Spark has a kotlin DSL https://github.com/perwendel/spark-kotlin
Apache License 2.0
9.63k stars 1.56k forks source link

Filter inside route group applying to external routes #1147

Open fermin-silva opened 4 years ago

fermin-silva commented 4 years ago

Hi,

I'm trying to add an authentication filter before some of my requests, but I'm required to keep the endpoints intact and "resty", i.e. not adding a specific prefix to these requests. For example:

//public endpoints
post("/users", (req, res) -> userController.create(req, res) );
post("/login", (req, res) -> userController.login(req, res) );

//authenticated endpoints
path("/*", () -> {
    before("", authFilter);
    get("/users", (req, res) -> "hello user" );
    ... many more resources here
});

The problem I have is that when I POST to /login the authFilter is being applied, and thus I cant login. Ideally I would like to keep all user resources as /users/* (both public and private), but apparently I cannot.

Is there a way of doing this without prefixing all my private resources with a special path prefix like /auth/* (ex. /auth/users instead of /users) ? I tried different path combinations (wildcard, empty, wildcard on the before filter, etc) with no success.

Without digging extensively into the source code, path groups appear to be only a convenience method that just prepends the parent path to all the resources inside, and not actually grouping them in any way.

My expected behavior was that filters, exception mappers, etc added inside path groups would only "affect" those resources inside the group, as per the docs:

If you have a lot of routes, it can be helpful to separate them into groups. Apparently there is no separation/isolation.

Thanks in advance for the time and support!