webmachine 并重定向未经身份验证的用户

发布于 2024-12-08 17:55:16 字数 971 浏览 0 评论 0原文

在我的新项目中，我想使用 webmachine 和 mochiweb。我想做的第一件事是身份验证。

我编辑“dispatch.conf”并创建一些资源，例如：

{["auth"], my_res_auth, []}.
{["protected"], my_res_protected, []}.
{['*'], my_res_default, []}.

当某人访问“受保护”资源时，如果他未登录，我想将他重定向到“auth”资源。“auth”资源包含带有用户名和密码的Web表单，它完成所有身份验证工作。

我将这样的代码放在 my_res_protected.erl 中：

is_authorized(ReqData, State) ->
    case my_auth:is_authorized(ReqData) of
        true -> {true, ReqData, State};
        false ->
            % here should be something to redirect user to "auth" resource
            % currently i put such thing, which is incorrect:
            {true, wrq:do_redirect(true, wrq:set_resp_header("location", "/auth", ReqData)), State}
            % dont know what should i put instead of "true"
    end.

我用谷歌搜索了一些示例如何操作它，但不喜欢我应该把这个功能放在所有资源中，这需要身份验证。

有什么办法可以做到吗？

原文

In my new project I want to use webmachine and mochiweb. First thing i want to do is authentication.

I edit "dispatch.conf" and make some resources, like:

{["auth"], my_res_auth, []}.
{["protected"], my_res_protected, []}.
{['*'], my_res_default, []}.

When some one access "protected" resource i want to redirect him to "auth" resource if he not logged in. "auth" resource contains web form with user name and password, it do all auth work.

I put such code inside of my_res_protected.erl:

is_authorized(ReqData, State) ->
    case my_auth:is_authorized(ReqData) of
        true -> {true, ReqData, State};
        false ->
            % here should be something to redirect user to "auth" resource
            % currently i put such thing, which is incorrect:
            {true, wrq:do_redirect(true, wrq:set_resp_header("location", "/auth", ReqData)), State}
            % dont know what should i put instead of "true"
    end.

i googled some example of how to do it, but dont like that i should have to put this functions in all resources, which requires auth.

Is there any way to do it?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

记忆里有你的影子 2024-12-15 17:55:16

我认为我找到了正确的方法，将此代码放入 auth.hrl 文件并将其包含在我的资源中

is_authorized(ReqData, State) ->
    case my_auth:is_authorized(ReqData) of
        true -> {true, ReqData, State};
        false ->
            % there i got address, to which should i redirect
            % this address is defined in dispatch.conf
            % and walk trough my_res_protected:init/1 into State
            case proplists:get_value(do_redirect, State, false) of
                false ->
                    {{halt, 401}, wrq:set_resp_header(
                            "Content-type", "text/plain",
                            wrq:set_resp_body("NOT AUTHORIZED", ReqData)
                        ), State};
                Location ->
                    {{halt, 302}, wrq:set_resp_header("Location", Location, ReqData), State}
            end
    end.

i think i found right way, put this code into auth.hrl file and include it in my resources

is_authorized(ReqData, State) ->
    case my_auth:is_authorized(ReqData) of
        true -> {true, ReqData, State};
        false ->
            % there i got address, to which should i redirect
            % this address is defined in dispatch.conf
            % and walk trough my_res_protected:init/1 into State
            case proplists:get_value(do_redirect, State, false) of
                false ->
                    {{halt, 401}, wrq:set_resp_header(
                            "Content-type", "text/plain",
                            wrq:set_resp_body("NOT AUTHORIZED", ReqData)
                        ), State};
                Location ->
                    {{halt, 302}, wrq:set_resp_header("Location", Location, ReqData), State}
            end
    end.

回复收藏 0 原文