aboutsummaryrefslogtreecommitdiff
path: root/src/main/scala/com/drivergrp
diff options
context:
space:
mode:
authorvlad <vlad@drivergrp.com>2016-09-26 13:27:03 -0700
committervlad <vlad@drivergrp.com>2016-09-26 13:27:03 -0700
commite60d70fc01371f2f8ea27596ea91019cdc236994 (patch)
tree6e1822490d2aafb441c84ddb7f741dacf873782e /src/main/scala/com/drivergrp
parent016a0362f9eb00dc64511d9e32b920aa04ab8a48 (diff)
downloaddriver-core-e60d70fc01371f2f8ea27596ea91019cdc236994.tar.gz
driver-core-e60d70fc01371f2f8ea27596ea91019cdc236994.tar.bz2
driver-core-e60d70fc01371f2f8ea27596ea91019cdc236994.zip
401 rejections for absent permissionv0.8.8
Diffstat (limited to 'src/main/scala/com/drivergrp')
-rw-r--r--src/main/scala/com/drivergrp/core/auth.scala8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/main/scala/com/drivergrp/core/auth.scala b/src/main/scala/com/drivergrp/core/auth.scala
index e9d4b84..3ffeeeb 100644
--- a/src/main/scala/com/drivergrp/core/auth.scala
+++ b/src/main/scala/com/drivergrp/core/auth.scala
@@ -1,5 +1,8 @@
package com.drivergrp.core
+import akka.http.scaladsl.model.headers.HttpChallenges
+import akka.http.scaladsl.server.AuthenticationFailedRejection.CredentialsRejected
+
object auth {
sealed trait Permission
@@ -97,7 +100,10 @@ object auth {
val token = AuthToken(Base64[Macaroon](tokenValue))
if (extractUser(token).roles.exists(_.hasPermission(permission))) provide(token)
- else reject(ValidationRejection(s"User does not have the required permission $permission"))
+ else {
+ val challenge = HttpChallenges.basic(s"User does not have the required permission $permission")
+ reject(AuthenticationFailedRejection(CredentialsRejected, challenge))
+ }
case None =>
reject(MissingHeaderRejection("WWW-Authenticate"))
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-28 10:47:53 +0000