DZone
Java Zone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
  • Refcardz
  • Trend Reports
  • Webinars
  • Zones
  • |
    • Agile
    • AI
    • Big Data
    • Cloud
    • Database
    • DevOps
    • Integration
    • IoT
    • Java
    • Microservices
    • Open Source
    • Performance
    • Security
    • Web Dev
DZone > Java Zone > Authentication Using Actions in Play Framework

Authentication Using Actions in Play Framework

Actions play an important role when you're using the Play Framework, particularly when determining controller behavior. Read on for some helpful code snippets to help you master them.

Geetika Gupta user avatar by
Geetika Gupta
·
Jul. 04, 17 · Java Zone · Tutorial
Like (6)
Save
Tweet
7.74K Views

Join the DZone community and get the full member experience.

Join For Free

Actions plays an important role in Play Framework, the requests received by a Play application are handled by an Action. Action composition is an incredibly powerful way to enhance or restrict controller behaviour. In Play Framework controllers consist of methods that create Action objects to handle the incoming requests.

A play.api.mvc.Action is basically a (play.api.mvc.Request => play.api.mvc.Result) function that handles a request and generates a result to be sent to the client. 

We can provide authentication to our application by using the ActionBuilder trait. To implement ActionBuilder we need to implement the invokeBlock method, which takes the current request and a block of code as arguments.

def invokeBlock[A](request: Request[A], block: (Request[A]) => Future[Result])

Customizing Your ActionBuilder

Suppose in your application you want some operations to be performed on every request, for that you can create your own ActionBuilder and perform the operations in it.

Firstly you need to extend the ActionBuilder and provide implementation for the invokeBlock method.

In our use case, suppose we want every request with a parameter  username  in the request header, set to either ‘Jake’, ‘Alex’, ‘Ryan’, or ‘Nicholas’. Only they will be able to access our application, then we can write our code as:

case class UserRequest[A](val userName: String, val request: Request[A])
  extends WrappedRequest[A](request)
object SecuredAction extends ActionBuilder[UserRequest] {

  override def invokeBlock[A](request: Request[A],
      block: (UserRequest[A]) => Future[Result]): Future[Result] = {
    val userName = request.headers.get("username").fold("")(identity)
    if (UserService.getAllUsers().contains(User(userName))) {
      block(UserRequest(userName, request))
    } else {
      Future.successful(Results.Unauthorized("Unauthorized access !!"))
    }
  }
}

All the other requests with different username in header are given an ‘Unauthorized access’ message. Using this, only some of the authorized users will be able to access our application, response to other requests will be sent back from the invokeBlock itself and your controller code will not be executed.

Here is a simple application demonstration: Play Authentication.

Happy Learning !! 

Play Framework Framework authentication application Requests

Published at DZone with permission of Geetika Gupta, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • 7 Tips for Using Instrumentation and Metrics To Align Site Reliability With Business Goals
  • Exhaustive JUNIT5 Testing with Combinations, Permutations, and Products
  • Data Science Project Folder Structure
  • What Developers Need to Know About Table Partition Pruning

Comments

Java Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • MVB Program
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends:

DZone.com is powered by 

AnswerHub logo