Instantly share code, notes, and snippets.

Embed
What would you like to do?
AuthFilter secures your Play 2.1.1 web application by allowing only requests that contain a secret access key. Once authenticated the secret key is stored in the session object for convenience.
package util
import play.api.mvc._
import play.api.Logger
object AuthFilter extends Filter {
val accessParam = "access_key"
val accessKey = "secret"
override def apply(next: RequestHeader => Result)(request: RequestHeader): Result = {
val param = request.getQueryString(accessParam).orElse(request.session.get(accessParam))
if (param.getOrElse() != accessKey) {
Logger.error("Non-authenticated access from host: " + request.remoteAddress)
Results.NotFound.withNewSession
} else {
next(request).withSession(request.session + (accessParam -> accessKey))
}
}
def validSession(): (String, String) = {
(accessParam, accessKey)
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment