Giter VIP home page Giter VIP logo

silhouette-rest-seed's Introduction

Silhouette REST Seed

Example project for Play Framework that use Silhouette for authentication and authorization, expose rest api for signup, signin and social authentication.

Basic usage

Sign-up

curl -X POST http://localhost:9000/auth/signup -H 'Content-Type: application/json' -d '{"firstName": "Alessandro", "lastName": "Random", "identifier": "[email protected]", "password": "ohmygodthispasswordisverystrong!"}' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< X-Auth-Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...",
  "expiresOn": "2015-02-20T10:35:42.813+01:00"
}

Sign-in

Not necessary just after the sign-up because you already have a valid token.

curl -X POST http://localhost:9000/auth/signin/credentials -H 'Content-Type: application/json' -d '{"identifier": "[email protected]", "password": "ohmygodthispasswordisverystrong!"}' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< X-Auth-Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...",
  "expiresOn": "2015-02-20T10:35:42.813+01:00"
}

Check if a request is authenticated

curl http://localhost:9000 -H 'X-Auth-Token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8

{
	"id":"0711b0ea-0935-4697-9b0d-6a1fa7233166",
	"loginInfo":{
		"providerID":"credentials",
		"providerKey":"[email protected]"
	},
	"email":"[email protected]",
	"info":{
		"firstName":"Alessandro",
		"lastName":"Random",
		"fullName":"Alessandro Random"
	},
	"roles":["user"]
}

Secured Action with autorization

The token must belong to a user with Admin role

curl http://localhost:9000/onlygodoruser -H 'X-Auth-Token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8

{"result":"Oh yess GOD"}

Features

  • Sign Up
  • Sign In (Credentials)
  • Authorization
  • Dependency Injection with Cake Pattern
  • Publishing Events
  • Avatar service
  • Mail service

Documentation

Consultate the Silhouette documentation for more information. If you need help with the integration of Silhouette into your project, don't hesitate and ask questions in our mailing list or on Stack Overflow.

Next Features

  • Link logged user with one or more social profile (already done, but not tested yet!)
  • Custom avatar service

License

The code is licensed under Apache License v2.0.

silhouette-rest-seed's People

Contributors

datalek avatar mborgmann avatar stephenmuss avatar

Stargazers

Miguel Gil avatar Sam Wigley avatar Grant McGovern avatar avatar dqd avatar avatar K68 avatar Joe Powell avatar Mykola Yashchenko avatar Sergey Maximov avatar Taylor Robison avatar Oscar García avatar Marco Patiño avatar Hans Hsu avatar Hristo Ganev avatar avatar Farouk HAMA ISSA avatar Wei Zhang avatar avatar avatar ... avatar Alexander Sidorenko avatar kso avatar Shunsuke Wada avatar The Viet Nguyen avatar avatar R. de Wilde avatar avatar Ahmad Melegy avatar avatar avatar Martynas M avatar Carlos Alexandre Fattor avatar avatar Robert Schanafelt avatar Simon Garnier avatar dejvid avatar avatar federico silva avatar avatar Rayron Victor avatar Owen Nelson avatar Albert Chau avatar avatar probe avatar Alan Chen avatar Grant Zvolský avatar Glaydston Veloso avatar Jisoo Park avatar RyuGou avatar Timur Khamrakulov avatar Michael Myers avatar Rowland Watkins avatar David Peterson avatar Denys Kovalevskyi avatar

Watchers

Christian Kaps avatar Grant Zvolský avatar Denys Kovalevskyi avatar James Cloos avatar avatar avatar avatar

Forkers

rowlandwatkins lin-zhao guxg andreyladniy muki-skywalker bdrachinsky yuch3n renexdev mootech jasonzoladz mborgmann yannkechichian ptagr alexanderscott kindlychung technovigno shaddysignal talachutla arun-arkitechs

silhouette-rest-seed's Issues

How do you test your controllers?

I'm trying to test my controllers using the Silhouette Testkit following the documentation with a JWTAuthenticator instead of a CookieAuthenticator but I always get a 401 http status. This is the exception:

[�[31merror�[0m] c.m.p.s.a.e.AuthenticationException - [Silhouette][jwt-authenticator] Error on parsing JWT token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0MjU2OTY3OTksInN1YiI6Ijc4MGViNmNlYmE2OTg4Mjc4ZjVjM2Q1MDQ3YzU0NTM2YjE5Njg1NzJmNWIyNWRmOTJjZGI1M2VlN2M0YjJlYzFiYWEwZGJmY2JkMjIwNzQ4NzU4YjcyYzliZGYyZDY0MzUzZGJhOWQ2MmI2NGZmZjY3Y2Q1MDBjYTFkNGFhMWYwIiwiaXNzIjoicGxheS1zaWxob3VldHRlIiwianRpIjoiMWY5OWEzMjYxOTM4OTFmM2I0NjU0MDQwYTEyYzExZjJiY2M1NDkyM2FkMTk0NWY5ZGNkOTBkNGE4ZGIxOTlkMzk3ZWRmNWZmNmNjYTgxNzVhYjc5ZWIyY2ZjYzE0ZTgzZjUwZWY2ZjNjZWMwMDQzMDUxYzQ2ZDI4MzcwYzZjYjllYmUwNGE2M2JjMmY1ZWJmY2RiNTE3MWIxOWJhMWRiNmJjMzE0YjMzNDNkMjkzNGU0MjM0MWFiNTVjM2QxZTZiNDBmYjAxNzJiMjNlOWYxNDdlZjMwNjlhZWY0NDM3NTE5ODc1NzI2N2M5NzdhMmNlZGQ1ZWY1YzVlZTdkNGU3OCIsImlhdCI6MTQyNTY1MzU5OX0.vuK9hUfB4J8oA59f3IvW-y8xKr_C-oNOZA1g40GL0ak
java.lang.IllegalArgumentException: Fraudulent JWT token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0MjU2OTY3OTksInN1YiI6Ijc4MGViNmNlYmE2OTg4Mjc4ZjVjM2Q1MDQ3YzU0NTM2YjE5Njg1NzJmNWIyNWRmOTJjZGI1M2VlN2M0YjJlYzFiYWEwZGJmY2JkMjIwNzQ4NzU4YjcyYzliZGYyZDY0MzUzZGJhOWQ2MmI2NGZmZjY3Y2Q1MDBjYTFkNGFhMWYwIiwiaXNzIjoicGxheS1zaWxob3VldHRlIiwianRpIjoiMWY5OWEzMjYxOTM4OTFmM2I0NjU0MDQwYTEyYzExZjJiY2M1NDkyM2FkMTk0NWY5ZGNkOTBkNGE4ZGIxOTlkMzk3ZWRmNWZmNmNjYTgxNzVhYjc5ZWIyY2ZjYzE0ZTgzZjUwZWY2ZjNjZWMwMDQzMDUxYzQ2ZDI4MzcwYzZjYjllYmUwNGE2M2JjMmY1ZWJmY2RiNTE3MWIxOWJhMWRiNmJjMzE0YjMzNDNkMjkzNGU0MjM0MWFiNTVjM2QxZTZiNDBmYjAxNzJiMjNlOWYxNDdlZjMwNjlhZWY0NDM3NTE5ODc1NzI2N2M5NzdhMmNlZGQ1ZWY1YzVlZTdkNGU3OCIsImlhdCI6MTQyNTY1MzU5OX0.vuK9hUfB4J8oA59f3IvW-y8xKr_C-oNOZA1g40GL0ak
    at com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticatorService$$anonfun$unserialize$2.apply(JWTAuthenticator.scala:301) ~[play-silhouette_2.11-2.0-RC1.jar:2.0-RC1]
    at com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticatorService$$anonfun$unserialize$2.apply(JWTAuthenticator.scala:297) ~[play-silhouette_2.11-2.0-RC1.jar:2.0-RC1]
    at scala.util.Try$.apply(Try.scala:191) ~[scala-library-2.11.5.jar:na]
    at com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticatorService.unserialize(JWTAuthenticator.scala:297) ~[play-silhouette_2.11-2.0-RC1.jar:2.0-RC1]
    at com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticatorService$$anonfun$retrieve$3.apply(JWTAuthenticator.scala:144) [play-silhouette_2.11-2.0-RC1.jar:2.0-RC1]
[�[31merror�[0m] c.m.p.s.a.e.AuthenticationException - [Silhouette][jwt-authenticator] Error on parsing JWT token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0MjU2OTY3OTksInN1YiI6Ijc4MGViNmNlYmE2OTg4Mjc4ZjVjM2Q1MDQ3YzU0NTM2YjE5Njg1NzJmNWIyNWRmOTJjZGI1M2VlN2M0YjJlYzFiYWEwZGJmY2JkMjIwNzQ4NzU4YjcyYzliZGYyZDY0MzUzZGJhOWQ2MmI2NGZmZjY3Y2Q1MDBjYTFkNGFhMWYwIiwiaXNzIjoicGxheS1zaWxob3VldHRlIiwianRpIjoiMWY5OWEzMjYxOTM4OTFmM2I0NjU0MDQwYTEyYzExZjJiY2M1NDkyM2FkMTk0NWY5ZGNkOTBkNGE4ZGIxOTlkMzk3ZWRmNWZmNmNjYTgxNzVhYjc5ZWIyY2ZjYzE0ZTgzZjUwZWY2ZjNjZWMwMDQzMDUxYzQ2ZDI4MzcwYzZjYjllYmUwNGE2M2JjMmY1ZWJmY2RiNTE3MWIxOWJhMWRiNmJjMzE0YjMzNDNkMjkzNGU0MjM0MWFiNTVjM2QxZTZiNDBmYjAxNzJiMjNlOWYxNDdlZjMwNjlhZWY0NDM3NTE5ODc1NzI2N2M5NzdhMmNlZGQ1ZWY1YzVlZTdkNGU3OCIsImlhdCI6MTQyNTY1MzU5OX0.vuK9hUfB4J8oA59f3IvW-y8xKr_C-oNOZA1g40GL0ak
java.lang.IllegalArgumentException: Fraudulent JWT token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0MjU2OTY3OTksInN1YiI6Ijc4MGViNmNlYmE2OTg4Mjc4ZjVjM2Q1MDQ3YzU0NTM2YjE5Njg1NzJmNWIyNWRmOTJjZGI1M2VlN2M0YjJlYzFiYWEwZGJmY2JkMjIwNzQ4NzU4YjcyYzliZGYyZDY0MzUzZGJhOWQ2MmI2NGZmZjY3Y2Q1MDBjYTFkNGFhMWYwIiwiaXNzIjoicGxheS1zaWxob3VldHRlIiwianRpIjoiMWY5OWEzMjYxOTM4OTFmM2I0NjU0MDQwYTEyYzExZjJiY2M1NDkyM2FkMTk0NWY5ZGNkOTBkNGE4ZGIxOTlkMzk3ZWRmNWZmNmNjYTgxNzVhYjc5ZWIyY2ZjYzE0ZTgzZjUwZWY2ZjNjZWMwMDQzMDUxYzQ2ZDI4MzcwYzZjYjllYmUwNGE2M2JjMmY1ZWJmY2RiNTE3MWIxOWJhMWRiNmJjMzE0YjMzNDNkMjkzNGU0MjM0MWFiNTVjM2QxZTZiNDBmYjAxNzJiMjNlOWYxNDdlZjMwNjlhZWY0NDM3NTE5ODc1NzI2N2M5NzdhMmNlZGQ1ZWY1YzVlZTdkNGU3OCIsImlhdCI6MTQyNTY1MzU5OX0.vuK9hUfB4J8oA59f3IvW-y8xKr_C-oNOZA1g40GL0ak
    at com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticatorService$$anonfun$unserialize$2.apply(JWTAuthenticator.scala:301) ~[play-silhouette_2.11-2.0-RC1.jar:2.0-RC1]
    at com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticatorService$$anonfun$unserialize$2.apply(JWTAuthenticator.scala:297) ~[play-silhouette_2.11-2.0-RC1.jar:2.0-RC1]
    at scala.util.Try$.apply(Try.scala:191) ~[scala-library-2.11.5.jar:na]
    at com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticatorService.unserialize(JWTAuthenticator.scala:297) ~[play-silhouette_2.11-2.0-RC1.jar:2.0-RC1]
    at com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticatorService$$anonfun$retrieve$3.apply(JWTAuthenticator.scala:144) [play-silhouette_2.11-2.0-RC1.jar:2.0-RC1]UserController should

'401' is not equal to '201'

Add tests

for example:

package controllers

import org.specs2.mutable._
import play.api.test._
import com.mohiva.play.silhouette.test._
import com.mohiva.play.silhouette.api.LoginInfo
import com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticator
import models.users._
import models.authorizations._

class RestApplicationControllerSpec extends PlaySpecification {

  val baseInfo = BaseInfo(
    firstName = Some("Ale"),
    lastName = Some("Random"),
    fullName = None,
    gender = Some("M"))
  val user = User(
    id = java.util.UUID.randomUUID.toString,
    loginInfo = LoginInfo("facebook", "[email protected]"),
    socials = None,
    email = None,
    username = None,
    avatarUrl = None,
    info = baseInfo,
    roles = Set(SimpleUser))

  "The `user` method" should {
    "return status 200 if authenticator and identity was found" in new WithApplication {
      val identity = user
      implicit val fakeEnv = FakeEnvironment[User, JWTAuthenticator](Seq(identity.loginInfo -> identity))
      val request = FakeRequest().withAuthenticator(identity.loginInfo)

      val controller = new controllers.RestApplicationController {
        override implicit lazy val env = fakeEnv
      }
      val result = controller.onlyGodOrUser(request)

      status(result) must equalTo(OK)
      contentAsString(result) mustEqual "{\"result\":\"Oh yess GOD\"}"
    }
  }

}

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.