Great project! Already using it in a QA env. I'm just curious about how would you handle spray authentication?
Something like:
cors {
pathPrefix ("api") {
authenticate (myAuthenticator) { user =>
path ("detail") {
get {
....
}
}
}
}
}
Since CORS 'preflight OPTIONS request' does not allow to set Credentials nor Authorization Header, I had to add an extra validation to your original code here (CorsSupport.scala, line 19 of your original code):
case Rejected(x) if (ctx.request.method.equals(HttpMethods.OPTIONS) && !x.filter(.isInstanceOf[MethodRejection]).isEmpty) || /extra validation/
(ctx.request.method.equals(HttpMethods.OPTIONS) && x.exists(.asInstanceOf[AuthenticationFailedRejection].cause.toString == "CredentialsMissing")) => { ... }
You think there is a better way to do this? Thanks :)
Great project! Already using it in a QA env. I'm just curious about how would you handle spray authentication?
Something like:
cors {
pathPrefix ("api") {
authenticate (myAuthenticator) { user =>
path ("detail") {
get {
....
}
}
}
}
}
Since CORS 'preflight OPTIONS request' does not allow to set Credentials nor Authorization Header, I had to add an extra validation to your original code here (CorsSupport.scala, line 19 of your original code):
case Rejected(x) if (ctx.request.method.equals(HttpMethods.OPTIONS) && !x.filter(.isInstanceOf[MethodRejection]).isEmpty) || /extra validation/
(ctx.request.method.equals(HttpMethods.OPTIONS) && x.exists(.asInstanceOf[AuthenticationFailedRejection].cause.toString == "CredentialsMissing")) => { ... }
You think there is a better way to do this? Thanks :)