Example project for Play Framework that use Silhouette for authentication and authorization, expose rest api for signup, signin and social authentication.
curl -X POST http://localhost:9000/auth/signup -H 'Content-Type: application/json' -d '{"firstName": "Alessandro", "lastName": "Random", "identifier": "[email protected]", "password": "ohmygodthispasswordisverystrong!"}' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< X-Auth-Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...",
"expiresOn": "2015-02-20T10:35:42.813+01:00"
}
Not necessary just after the sign-up because you already have a valid token.
curl -X POST http://localhost:9000/auth/signin/credentials -H 'Content-Type: application/json' -d '{"identifier": "[email protected]", "password": "ohmygodthispasswordisverystrong!"}' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< X-Auth-Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...",
"expiresOn": "2015-02-20T10:35:42.813+01:00"
}
curl http://localhost:9000 -H 'X-Auth-Token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
{
"id":"0711b0ea-0935-4697-9b0d-6a1fa7233166",
"loginInfo":{
"providerID":"credentials",
"providerKey":"[email protected]"
},
"email":"[email protected]",
"info":{
"firstName":"Alessandro",
"lastName":"Random",
"fullName":"Alessandro Random"
},
"roles":["user"]
}
The token must belong to a user with Admin role
curl http://localhost:9000/onlygodoruser -H 'X-Auth-Token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC...' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
{"result":"Oh yess GOD"}
- Sign Up
- Sign In (Credentials)
- Authorization
- Dependency Injection with Cake Pattern
- Publishing Events
- Avatar service
- Mail service
Consultate the Silhouette documentation for more information. If you need help with the integration of Silhouette into your project, don't hesitate and ask questions in our mailing list or on Stack Overflow.
- Link logged user with one or more social profile (already done, but not tested yet!)
- Custom avatar service
The code is licensed under Apache License v2.0.