Scala Play Framework 和 Silhouette 身份验证失败时如何记录用户凭据
How to log user credentials when authentication fails with Scala Play Framework and Silhouette
我有一个使用轮廓的安全操作,如下所示:
def data: Action[JsValue] = silhouette.SecuredAction(errorHandler).async(parse.json) { implicit request =>
...
我想在用户身份验证失败时记录消息。最好是用于验证的用户名 he/she。我找不到执行此操作的方法。
最后我发现创建我自己的 AuthProvider(或者更确切地说覆盖现有的 BasicAuthProvider)并添加一个 MarkerContext 是最简单的。像这样:
class BasicAuthProvider @Inject()(
override protected val authInfoRepository: AuthInfoRepository,
override protected val passwordHasherRegistry: PasswordHasherRegistry)(implicit override val executionContext: ExecutionContext)
extends providers.BasicAuthProvider(authInfoRepository, passwordHasherRegistry)(executionContext) {
/**
* Authenticates an identity based on credentials sent in a request.
*
* @param request The request.
* @tparam B The type of the body.
* @return Some login info on successful authentication or None if the authentication was unsuccessful.
*/
override def authenticate[B](request: Request[B]): Future[Option[LoginInfo]] = {
getCredentials(request) match {
case Some(credentials) =>
val loginInfo = LoginInfo(id, credentials.identifier)
val marker: org.slf4j.Marker =
MarkerFactory.getMarker(loginInfo.toString)
implicit val mc: MarkerContext = MarkerContext(marker)
authenticate(loginInfo, credentials.password).map {
case Authenticated => Some(loginInfo)
case InvalidPassword(error) =>
logger.warn(error)
None
case UnsupportedHasher(error) => throw new ConfigurationException(error)
case NotFound(error) =>
logger.warn(error)
None
}
case None => Future.successful(None)
}
}
}
我有一个使用轮廓的安全操作,如下所示:
def data: Action[JsValue] = silhouette.SecuredAction(errorHandler).async(parse.json) { implicit request =>
...
我想在用户身份验证失败时记录消息。最好是用于验证的用户名 he/she。我找不到执行此操作的方法。
最后我发现创建我自己的 AuthProvider(或者更确切地说覆盖现有的 BasicAuthProvider)并添加一个 MarkerContext 是最简单的。像这样:
class BasicAuthProvider @Inject()(
override protected val authInfoRepository: AuthInfoRepository,
override protected val passwordHasherRegistry: PasswordHasherRegistry)(implicit override val executionContext: ExecutionContext)
extends providers.BasicAuthProvider(authInfoRepository, passwordHasherRegistry)(executionContext) {
/**
* Authenticates an identity based on credentials sent in a request.
*
* @param request The request.
* @tparam B The type of the body.
* @return Some login info on successful authentication or None if the authentication was unsuccessful.
*/
override def authenticate[B](request: Request[B]): Future[Option[LoginInfo]] = {
getCredentials(request) match {
case Some(credentials) =>
val loginInfo = LoginInfo(id, credentials.identifier)
val marker: org.slf4j.Marker =
MarkerFactory.getMarker(loginInfo.toString)
implicit val mc: MarkerContext = MarkerContext(marker)
authenticate(loginInfo, credentials.password).map {
case Authenticated => Some(loginInfo)
case InvalidPassword(error) =>
logger.warn(error)
None
case UnsupportedHasher(error) => throw new ConfigurationException(error)
case NotFound(error) =>
logger.warn(error)
None
}
case None => Future.successful(None)
}
}
}