Joined December 2014
·

Maya

Software Engineer at First Factory Inc
·
Costa Rica
·
·
·

Posted to CORS directive for Spray over 1 year ago

Great project! Already using it in a QA env. I'm just curious about how would you handle spray authentication?

Something like:

cors {
pathPrefix ("api") {
authenticate (myAuthenticator) { user =>
path ("detail") {
get {
....
}
}
}
}
}

Since CORS 'preflight OPTIONS request' does not allow to set Credentials nor Authorization Header, I had to add an extra validation to your original code here (CorsSupport.scala, line 19 of your original code):

case Rejected(x) if (ctx.request.method.equals(HttpMethods.OPTIONS) && !x.filter(.isInstanceOf[MethodRejection]).isEmpty) || /extra validation/
(ctx.request.method.equals(HttpMethods.OPTIONS) && x.exists(
.asInstanceOf[AuthenticationFailedRejection].cause.toString == "CredentialsMissing")) => { ... }

You think there is a better way to do this? Thanks :)

Achievements
1 Karma
0 Total ProTip Views