Silhouette

Play provides a simple filter API for applying global filters to each request. Such a filter is basically the same as an action. It produces a request and returns a result. So it's possible to use the actions provided by Silhouette inside a filter to create a global authentication mechanism.

Next, you can find a simple example which shows how you could implement a filter to restrict access to a route.

class SecuredFilter @Inject() (silhouette: Silhouette[DefaultEnv], bodyParsers: PlayBodyParsers) extends Filter {

  override def apply(next: RequestHeader => Future[Result])(
    request: RequestHeader): Future[Result] = {
    
    // As the body of request can't be parsed twice in Play we should force 
    // to parse empty body for UserAwareAction
    val action = silhouette.UserAwareAction.async(bodyParsers.empty) { r =>
      request.path match {
        case "/admin" if r.identity.isEmpty => Future.successful(Unauthorized)
        case _ => next(request)
      }
    }

    action(request).run
  }
}

Info

Please refer to the Play Framework Documentation for how filters can be applied to your application.

Updated about an hour ago


What's Next

Authorization

Filters


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.