Has anyone implemented deadbolt or some other authorization mechanism with securesocial?

Question

Has anyone implemented deadbolt or some other authorization mechanism with securesocial?

I browse the web to find some kind of tutorial, but it's hard for me to find it. I guess I could just use the twitter example provided with securesocial

Example:

def onlyAdmin = SecuredAction(WithAuth("admin")) { implicit request => Ok("You could see this since you are admin") } case class WithAuth(role: String) extends Authorization { def isAuthorized(user: Identity) = { val existingDbUser = User.findUserByProviderUserId(user) existingDbUser.hasRole(role) }

User.findUserByProviderUserId(user) calls db to find the saved user and its roles. I would prefer not to call db every time and use Identity .

How would you solve this?

+4

scala authorization playframework playframework-2.1 securesocial

jakob Mar 22 '13 at 16:15

source share

1 answer

Jorge · Accepted Answer · 2013-03-26T00:44:34+0000

That would be the right approach. You can, from the UserService.save () method, return an instance of your own model (while it implements Identity). This will allow you to return the User object and then run user.hasRole (role) directly without re-querying the database. But the request needs to be made at some point.

Has anyone implemented deadbolt or some other authorization mechanism with securesocial?

More articles: