Hi,
Our app is private, which means only the signin and related pages are
visible without authentication. I've made this Loc to protect menu
items,
val loggedIn = Loc.EarlyResponse(() =>
Full(RedirectResponse("/profile/login?returnTo="+S.uri)).filter(ignore =>
!User.loggedIn_?))
and while this works, I think there must be a better solution since:
1) It's easy to forget adding this to menu items that should be
protected (ie most in our case)
2) It's not easy to add this to MenuItems generated by Lift,
e.g. CRUDIfy entries.
So, I created this DispatchPF
LiftRules.dispatch.prepend(NamedPF("Protect") {
case Req("profile" :: "login" :: Nil , "", _) => () => Empty
case Req(_, "", _) => () =>
Full(RedirectResponse("/profile/login?returnTo="+S.uri)).filter(ignore =>
!User.loggedIn_?)
})
but it doesn't seem to work since now /profile/login gives a 404. So
basically, I have two questions
1) Is there a way for requests to "fall through" in the DispatchPF, ie
/profile/login should just be processed as usual
2) Is there a better way to accomplish this? It seems the DispatchPF
method would need to allow requests to javascript, css etc to be handled
without authentication so you would have to maintain this "whitelist"
(but this is less of a problem than maintaining the protected list)
/Jeppe
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Lift" group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~----------~----~----~----~------~----~------~--~---
