This repository has been archived by the owner on Nov 29, 2021. It is now read-only.
/
SignedCookieExample.scala
70 lines (54 loc) · 2.13 KB
/
SignedCookieExample.scala
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
package http4sExamples
import java.util.UUID
import cats.Id
import cats.effect.IO
import cats.syntax.semigroupk._
import org.http4s.HttpRoutes
import org.http4s.dsl.io._
import tsec.authentication._
import tsec.mac.jca.{HMACSHA256, MacSigningKey}
import scala.concurrent.duration._
object SignedCookieExample {
import ExampleAuthHelpers._
type AuthService = TSecAuthService[User, AuthenticatedCookie[HMACSHA256, Int], IO]
val cookieBackingStore: BackingStore[IO, UUID, AuthenticatedCookie[HMACSHA256, Int]] =
dummyBackingStore[IO, UUID, AuthenticatedCookie[HMACSHA256, Int]](_.id)
// We create a way to store our users. You can attach this to say, your doobie accessor
val userStore: BackingStore[IO, Int, User] = dummyBackingStore[IO, Int, User](_.id)
val settings: TSecCookieSettings = TSecCookieSettings(
cookieName = "tsec-auth",
secure = false,
expiryDuration = 10.minutes, // Absolute expiration time
maxIdle = None // Rolling window expiration. Set this to a FiniteDuration if you intend to have one
)
//Our Signing key. Instantiate in a safe way using generateKey[F] where F[_]: Sync
val key: MacSigningKey[HMACSHA256] = HMACSHA256.generateKey[Id]
val cookieAuth =
SignedCookieAuthenticator(
settings,
cookieBackingStore,
userStore,
key
)
val Auth =
SecuredRequestHandler(cookieAuth)
val service1: AuthService = TSecAuthService {
//Where user is the case class User above
case request @ GET -> Root / "api" asAuthed user =>
/*
Note: The request is of type: SecuredRequest, which carries:
1. The request
2. The Authenticator (i.e token)
3. The identity (i.e in this case, User)
*/
val r: SecuredRequest[IO, User, AuthenticatedCookie[HMACSHA256, Int]] = request
Ok()
}
val service2: AuthService = TSecAuthService {
case request @ GET -> Root / "api2" asAuthed user =>
val r: SecuredRequest[IO, User, AuthenticatedCookie[HMACSHA256, Int]] = request
Ok()
}
val liftedService1: HttpRoutes[IO] = Auth.liftService(service1)
val liftedComposed: HttpRoutes[IO] = Auth.liftService(service1 <+> service2)
}