redstone-dart / redstone

A metadata driven microframework for Dart.
http://redstone-dart.github.io/redstone
MIT License
342 stars, 42 forks

Plugin annotation to authenticate #81

Closed cgarciae closed 9 years ago

cgarciae commented 9 years ago

Currently I am using an interceptor on all /private/.* and check against a session variable to authenticate, but now I want to create a @Private() annotation that checks the Authorization header and verifies on MongoDB that the user exists. This is what I've tried so far:

```dart
// Marker annotation for routes that require an authenticated user.
class Private {
  const Private();
}

void AuthenticationPlugin(app.Manager manager) {
  // Wrap every route (and group) annotated with @Private().
  manager.addRouteWrapper(Private, (metadata, Map<String, String> pathSegments, injector, app.Request request, route) async {
    // The Authorization header is expected to carry the user's ID.
    var id = request.headers.authorization;

    if (id == null)
      throw new app.ErrorResponse(403, {"error": "authorization header expected"});

    // Look the user up in MongoDB.
    var user = await dbConn.findOne(Col.user, User, where.id(StringToId(id)));

    if (user == null)
      throw new app.ErrorResponse(403, {"error": "Invalid ID: user does not exist"});

    // User found: continue to the wrapped route.
    return route(pathSegments, injector, request);
  }, includeGroups: true);
}
```

Notice that I am trying to use async. On one hand I am not getting an error, which gives the approach some hope; on the other, it's not working. Is it possible to achieve what I want?

cgarciae commented 9 years ago

I had a bug (corrected in the code above) but now the behavior is that the request never terminates. What is happening is that it is throwing an app.ErrorResponse but this doesn't seem to terminate the request, maybe it's not being caught.

cgarciae commented 9 years ago

Ok, fixed it. The trick was to use return instead of throw.
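
The following is an added example, not code from this thread or from Redstone, modelling one way the behaviour reported above can arise: a rejection thrown inside an `async` wrapper becomes a Future error, so a dispatcher that only catches synchronous throws never writes the 403. The `ErrorResponse` class, `userExists`, `dispatch` and the sample IDs are hypothetical stand-ins, and how Redstone itself dispatches wrappers is an assumption here.

```dart
import 'dart:async';

// Hypothetical stand-in for the framework's error type; not Redstone's class.
class ErrorResponse implements Exception {
  final int status;
  final String error;
  ErrorResponse(this.status, this.error);
}

// Constructed user store standing in for the MongoDB lookup.
const knownIds = {'constructed-user-id'};
Future<bool> userExists(String id) async => knownIds.contains(id);

// Rejects by throwing: in an async body this surfaces as a Future error.
Future<Object> throwingWrapper(String? auth) async {
  if (auth == null) throw ErrorResponse(403, 'authorization header expected');
  if (!await userExists(auth)) throw ErrorResponse(403, 'user does not exist');
  return 'route result';
}

// Rejects by returning the error object as the wrapper's value.
Future<Object> returningWrapper(String? auth) async {
  if (auth == null) return ErrorResponse(403, 'authorization header expected');
  if (!await userExists(auth)) return ErrorResponse(403, 'user does not exist');
  return 'route result';
}

// Hypothetical dispatcher: catches synchronous throws and writes a response
// only from the Future's value; a Future error is logged and nothing is sent.
Future<String> dispatch(Future<Object> Function(String?) wrapper, String? auth) {
  final response = Completer<String>();
  try {
    wrapper(auth).then<void>(
      (v) => response.complete(v is ErrorResponse ? '${v.status} ${v.error}' : '200 $v'),
      onError: (Object e) => print('  wrapper Future failed; no response written'),
    );
  } on ErrorResponse catch (e) {
    response.complete('${e.status} ${e.error}');
  }
  return response.future
      .timeout(const Duration(seconds: 1), onTimeout: () => 'no response (hung)');
}

Future<void> main() async {
  for (final auth in [null, 'unknown-id', 'constructed-user-id']) {
    print('Authorization: $auth');
    print('  throw  -> ${await dispatch(throwingWrapper, auth)}');
    print('  return -> ${await dispatch(returningWrapper, auth)}');
  }
}
```

In this model both variants deny the unauthenticated request, but only the returning one gives the client a 403; the throwing one leaves the connection open until something else times it out.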