-
Notifications
You must be signed in to change notification settings - Fork 138
Introduction
This module offers Authentication and Authorization features to Play2.x applications
This module targets the Scala version of Play2.x.
For the Java version of Play2.x, there is an authorization module called Deadbolt 2.
This module has been tested on Play2.1-RC1 and Play2.0.4.
The existing Security trait in Play2.x API does not define an identifier that identifies a user.
If you use an Email or a userID as an identier, users can not invalidate their session if the session cookie is intercepted.
This module creates a unique SessionID using a secure random number generator. Even if the sessionId cookie is intercepted, users can invalidate the session by logging in again. Your application can expire sessions after a set time limit.
Since the Security trait in Play2.x API returns Action,
complicated action methods wind up deeply nested.
Play2x-Auth provides an interface that returns an Either[PlainResult, User]
making writing complicated action methods easier. Either is a wrapper similar to Option