extractCredentials
Signature
def extractCredentials: Directive1[Option[HttpCredentials]]
Description
Extracts the potentially present HttpCredentials
provided with the request’s Authorization
header, which can be then used to implement some custom authentication or authorization logic.
See Credentials and password timing attacks for details about verifying the secret.
Example
val route =
extractCredentials { creds =>
complete {
creds match {
case Some(c) => "Credentials: " + c
case _ => "No credentials"
}
}
}
// tests:
val johnsCred = BasicHttpCredentials("John", "p4ssw0rd")
Get("/") ~> addCredentials(johnsCred) ~> // adds Authorization header
route ~> check {
responseAs[String] shouldEqual "Credentials: Basic Sm9objpwNHNzdzByZA=="
}
Get("/") ~> route ~> check {
responseAs[String] shouldEqual "No credentials"
}