I am trying to create a basic web login/authentication system in Play. Based on Play docs Im supposed to persist data across requests through Play's Session cookie; this is what my login looks like:
def login() = Action.async(parse.json) { implicit request =>
implicit val loginInfoReads: Reads[LoginInfo] = Json.reads[LoginInfo]
val newSession = request.session +
("test" -> "yep")
// #todo: add real error handling
val unauthedUser = request.body.validate(loginInfoReads)
.getOrElse(throw new Exception("Something went wrong with the login request"))
UserService.authAndGetUser(unauthedUser.email, unauthedUser.password).map { res =>
Ok(res.name).withSession(newSession)
}
I can see the cookie included in the response cookies in Chrome dev tools, but when I make a subsequent request to get the data inside the session, I get an empty map:
Logger.debug(request.session.data.toString)
logs:
Map()
and attempting to access "test" via request.session.get("test") fails.
What am I missing here? Why is my session data not persisting across requests?
Thanks
Turned out it wasn't a Scala/Play problem, more general problem with Chrome and cookies when hitting localhost. Here's what fixed it for me:
https://stackoverflow.com/a/39233628/747340
Related
I am trying to build a simple Http Get request that requires me to submit an api key as authentication (api key as unsername and blank password). I have seen some solutions using the groovyx.net.http.HTTPBuilder library. However, the piece of code will need to be deployed in an evironment that does not allow for libraries. So I tried the following where is the url of the website i am trying to reach:
// GET
def get = new URL("<url>").openConnection();
def getRC = get.getResponseCode();
println(getRC);
if(getRC.equals(200)) {
println(get.getInputStream().getText());
}
As expected this returns error 400 since I do not include any authentication with the api key, so I tried the following where is the api key:
def get = new URL("<url>");
def authString = "<api_key>:".getBytes().encodeBase64().toString();
def conn = get.openConnection();
conn.setRequestProperty("Authorization", "Basic ${authString}");
def getRC = conn.getResponseCode();
println(getRC);
println(conn.getInputStream().getText());
But I still get the 400 error. I tried picking up the request through Fiddler but it doesn't seem to be tracking it (executing Groovy code through GroovyConsole).
The second approach works. My mistake was to not substitute spaces in the URL with % signs.
I'm getting a 407 error using scalajHTTP. I read through the repository and it seems like I should be able to pass the basic auth credentials as a base64 encoded value. I've also tried using the helper method described in the GitHub issues .proxyAuth but that is no longer part of HTTPRequest in ScalaJ according to error messages (as well as it not being in the documentation)
Any ideas? My endpoint URL is HTTPS as well as my proxy (for additional context)
val proxyHost= s"https://$forwardProxy"
val requestForward = Http(url).postData(redactedSecret)
.option(HttpOptions.allowUnsafeSSL)
.headers(("Content-Type", "application/json"), ("Proxy-Authorization", s"Basic $proxyAuth"))
.proxy(proxyHost, 8080).asString
val responseForward: HttpResponse[String] = requestForward
This issued posted in Github but still not resolved, https://github.com/scalaj/scalaj-http/issues/87
I found a solution to this problem. I researched around and after trying http client libraries, I kept getting 407 errors even though they all support proxy auth. Anyway, I ended up having to do the following.
add
import java.net.{Authenticator,PasswordAuthentication}
and the modified code body that I previously above looks like:
val requestForward: HttpRequest = Http(url).postData(data)
.header("Content-Type", "application/json")
.proxy(proxyHost, 8080)
.option(HttpOptions.allowUnsafeSSL)
Authenticator.setDefault(new Authenticator() {
override def getPasswordAuthentication(): PasswordAuthentication = {
new PasswordAuthentication( s"$username", s"$password".toCharArray())
}
})
So as you can see I removed the header from the original request object and instead overrode the credentials. Make sure you do this before you call on the response object.
Or more precisely...
I already have an error page route defined like so:
GET /error controllers.pages.ErrorController.page(msg: String, returnTo: String)
And a controller method like this:
object ErrorController extends Controller {
def page(msg: String, returnTo: String) = ReceiverRestricted { implicit req =>
val action = List(Button(F8, "Continue", Call("GET", returnTo)))
Results.Ok(views.html.base(Html("Oops"), List(Html(msg)), None, action))
}
}
If I programmatically call, say, ErrorController.page("You did something daft!", "/home") I get to a page that looks like I want, ie:
Oops
You did something daft!
F8 Continue
However the url is ugly:
http://localhost:9000/error?msg=You%20did%20something%20daft!&returnTo=/home
I want to change this so the msg= query parameter doesn't appear in the url. How can I accomplish this? I tried removing the query parameter and redirecting to the error page with the message passed in via the flash cookie - that worked but reloading the browser page loses the message. I can't use the session cookie because I already store other data in the session almost upto its limit.
You can use flash feature.
Here is a sample:
In your controller you can redirect the user to error page with:
Redirect("/error").flashing(
"reason" -> "The item has been created"
)
And in Error action:
def error = Action { implicit request =>
Ok {
val reason = flash.get("reason").getOrElse("General Error")
//DO your stuff with reason variable
}
}
Obviously you can have as many as flash variables you want.
Since Play is restful and stateless, I can't see an easy way to pass on an error message during a redirect without using Play's flash. Of course you could store the message in an temporary cookie in the browser. Another possibility could be to store it in your database (or whatever persistence technology you use), but this seems to be like cracking a nut with a sledgehammer.
I connect to twitter streaming API using Play 2.2 WS API in the code example below. I'm stuck trying to figure out how to disconnect from stream once it's established. Is there any proper way to do that rather than stopping application? Any help will be appreciated.
def watchTweets(keywords : String) = Action { implicit request =>
Logger.debug(s"watchTweets invoked with: $keywords")
val (tweetsOut, tweetChanel) = Concurrent.broadcast[JsValue]
WS.url(s"https://stream.twitter.com/1.1/statuses/filter.json?track=" + URLEncoder.encode(keywords, "UTF-8"))
.sign(OAuthCalculator(Twitter.KEY, Twitter.sessionTokenPair.get))
.postAndRetrieveStream("")(headers => Iteratee.foreach[Array[Byte]] { ba =>
val msg = new String(ba, "UTF-8")
Logger.debug(s"received message: $msg")
val tweet = Json.parse(msg)
tweetChanel.push(tweet)
}).flatMap(_.run)
Ok.chunked(tweetsOut &> Comet(callback = "parent.cometMessage")) }
This is a known issue... the answer is that you close the connection, but the problem is, the enumerator won't notice that the connection is closed until it tries to feed a tweet to the client, and that won't happen until it receives another tweet from Twitter, which might take a long time to happen.
This is of course a problem when doing Twitter streaming because Twitter will only let a user create one stream at a time, so that effectively means that you can't do a second stream until the first receives some data.
Unfortunately we don't have a work around as yet, but we are looking at introducing a new lower level streaming API into Play around the 2.4 time line, which will certainly allow this.
I'm developing an application using Play framework in scala. I have to handle the below use case in my application.
For a particular request from the browser to the play server the Play server should make an http request to some external server (for Eg: somesite.com) and send the response from this request back to the web browser.
I have written the below code to send the request to external serever in the controller.
val holder = WS.url("http://somesite.com")
val futureResponse = holder.get
Now how do I send back the response recieved from "somesite.com" back to the browser?
There's an example in the Play documentation for WS, under Using in a controller; I've adapted it to your scenario:
def showSomeSiteContent = Action.async {
WS.url("http://somesite.com").get().map { response =>
Ok(response.body)
}
}
The key thing to note is the idiomatic use of map() on the Future that you get back from the get call - code inside this map block will be executed once the Future has completed successfully.
The Action.async "wrapper" tells the Play framework that you'll be returning a Future[Response] and that you want it to do the necessary waiting for things to happen, as explained in the Handling Asynchronous Results documentation.
You may also be interested in dynamically returning the status and content type:
def showSomeSiteContent = Action.async {
WS.url("http://somesite.com").get().map { response =>
Status(response.status)(response.body).as(response.ahcResponse.getContentType)
}
}
Dynamic status could help if the URL/service you call fails to answer correctly.
Dynamic content type can be handy if your URL/service can return different content HTML/XML... depending on some dynamic parameter.