Open chilinhnet opened 9 years ago
+3 How about? http://sparkjava.com/documentation.html#filters
```java
before("/protected/*", (request, response) -> { // << HERE?
    // ... check if authenticated
    halt(401, "Go Away!");
});
// I assume it should also work likewise
get("/myapi/*", (request, response) -> { // << HERE?
    // do something...
});
```
Sinatra supports regular expressions:
Route matching with Regular Expressions:
```ruby
get /\A\/hello\/([\w]+)\z/ do
  "Hello, #{params['captures'].first}!"
end
```
+2.
Is there any test for URL matching? Implementing this feature shouldn't be difficult.
+1
:+1: I'd like to have auth filters apply to everything except my health-check route (which doesn't need any auth, so it can be monitored externally).
Hello
Can someone please say, is this kind
/subject/:id/operation/sub-operation-one
of route supported?
@glhf sure it is
+1
+1
On 24 Jul 2017 12:41 p.m., "Marcos Sampaio" notifications@github.com wrote:
+1
+1
👍 I'd like to have auth filters apply to everything except my health-check route (which doesn't need any auth, so it can be monitored externally).
One other option that I use is to have a base Route which checks auth tokens and grants access based on the descendant Route's annotation. This is how I set up mine:
Here's some pseudo code
```java
// Pseudo code: getToken, isValidSessionToken, isRoleAllowed, JsonWebToken and
// the some* values are placeholders that are left undefined here.
import static spark.Spark.post;

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

import spark.Request;
import spark.Response;
import spark.Route;

public class Service {}

public class UserService extends Service {}

public class ServiceContainer {
    public <T extends Service> T getService(Class<T> klazz) { /* ... */ }
    public void addService(Service service) { /* ... */ }
}

enum AccessPolicy {
    MustBeAuthenticated,
    MustBeHavePremiumAccount
    // ...
}

enum Role {
    BackupUser,
    LogAuditor
}

// RUNTIME retention is required: without it the annotation lookup in BaseRoute
// returns null and every route is treated as unrestricted.
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.TYPE)
@interface Restrictions {
    AccessPolicy[] accessPolicyList();
    Role[] acceptedRoles();
}

public abstract class BaseRoute implements Route {
    private final ServiceContainer container;
    private final Restrictions restrictions;
    private final boolean hasAccessPolicy;

    public BaseRoute(ServiceContainer container) {
        this.container = container;
        // Read the restrictions declared on the concrete route class, if any.
        this.restrictions = getClass().getDeclaredAnnotation(Restrictions.class);
        this.hasAccessPolicy = this.restrictions != null;
    }

    @Override
    public Object handle(Request request, Response response) throws Exception {
        JsonWebToken jwt = getToken(request);
        // Routes without @Restrictions skip both checks and are public.
        if (hasAccessPolicy) {
            if (!isValidSessionToken(jwt)) { return someErrorMessage; }
            if (!isRoleAllowed(jwt.payload.role)) { return someErrorMessage; }
        }
        return onHandle(request, response);
    }

    final protected <T extends Service> T getService(Class<T> klazz) {
        return container.getService(klazz);
    }

    protected abstract Object onHandle(Request request, Response response) throws Exception;
}

@Restrictions(
    accessPolicyList = {AccessPolicy.MustBeAuthenticated},
    acceptedRoles = {Role.LogAuditor, Role.BackupUser}
)
public class AddNoteRoute extends BaseRoute {
    public AddNoteRoute(ServiceContainer container) { super(container); }

    @Override
    public Object onHandle(Request request, Response response) throws Exception {
        /** do some work **/
        return someSuccessMessage;
    }
}

public class Main {
    public static void main(String... args) {
        ServiceContainer container = new ServiceContainer();
        container.addService(new UserService(someConfiguration));
        post("/addNote", new AddNoteRoute(container));
    }
}
```
As you can see, it's much easier this way because all the checks are done in one place. Then for unrestricted access, simply do not mark a route as restricted and naturally it should be publicly accessible.
And sorry if I went off-topic.
I want to use regex on routes. When will it be supported?
Thanks.
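The "auth on everything except the health-check route" setup requested in this thread can be done with a path-less `before` filter and a regex allow-list. This is an added example, not code from the thread or from Spark itself; the class name, the `/static/` pattern and the `API_TOKEN` environment variable are assumptions.

```java
import static spark.Spark.before;
import static spark.Spark.get;
import static spark.Spark.halt;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Pattern;

public class AuthExceptHealth {
    // Constructed allow-list: only these paths skip auth, everything else fails closed.
    private static final List<Pattern> PUBLIC_PATHS = Arrays.asList(
            Pattern.compile("/health"),
            Pattern.compile("/static/[\\w.-]+"));

    // matches() anchors the whole path, so "/healthz", "/health/" and
    // "/health/../myapi/x" are NOT public; find() would let them through.
    static boolean isPublic(String path) {
        if (path == null) return false;
        return PUBLIC_PATHS.stream().anyMatch(p -> p.matcher(path).matches());
    }

    // Hypothetical credential check: a static bearer token, compared in constant time.
    static boolean isAuthenticated(String authHeader, String expected) {
        if (authHeader == null || expected == null || expected.isEmpty()) return false;
        if (!authHeader.startsWith("Bearer ")) return false;
        byte[] given = authHeader.substring(7).getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(given, expected.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        String expected = System.getenv("API_TOKEN"); // assumed secret source
        // A before() filter without a path runs for every request, so a route
        // added later is protected unless it is explicitly put on the allow-list.
        before((request, response) -> {
            if (isPublic(request.pathInfo())) return;
            if (!isAuthenticated(request.headers("Authorization"), expected)) {
                halt(401, "Go Away!");
            }
        });
        get("/health", (request, response) -> "ok");
        get("/myapi/*", (request, response) -> "protected data");
    }
}
```

Because the exemption is an explicit allow-list, a typo in a pattern locks a public route rather than exposing a protected one.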