2015-05-11 23:05:18 +02:00

.. _-authorize-:

authorize
=========

Signature
---------

.. includecode2:: /../../akka-http/src/main/scala/akka/http/scaladsl/server/directives/SecurityDirectives.scala
   :snippet: authorize

Description
-----------

Applies the given authorization check to the request.

The user-defined authorization check can be supplied either as a ``=> Boolean`` value, which is computed
solely from information available in the lexical scope, or as a function ``RequestContext => Boolean``, which can also
take information from the request itself into account.

If the check returns ``true`` the request is passed on to the inner route unchanged, otherwise an
``AuthorizationFailedRejection`` is created, triggering a ``403 Forbidden`` response by default
(the same as in the case of an ``AuthenticationFailedRejection``).

A common use case is to check whether a user (for example, one supplied by any of the ``authenticate*`` family of directives,
such as :ref:`-authenticateBasic-`) is allowed to access the inner routes, for instance by checking whether the user has the needed permissions.

See also :ref:`-authorize-` for the asynchronous version of this directive.

.. note::
   See also :ref:`authentication-vs-authorization-scala` to understand the differences between those.

Example
-------

.. includecode2:: ../../../../code/docs/http/scaladsl/server/directives/SecurityDirectivesExamplesSpec.scala
   :snippet: 0authorize-0
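
The following sketch is an added example, not code from the Akka sources or from the included spec. It shows both forms of the check placed behind ``authenticateBasic`` with a deny-by-default role lookup; the ``User`` class, the role table, the paths and the hard-coded password are assumptions made for illustration.

```scala
import akka.http.scaladsl.model.HttpMethods
import akka.http.scaladsl.server.Directives._
import akka.http.scaladsl.server.{ RequestContext, Route }
import akka.http.scaladsl.server.directives.Credentials

object AuthorizeExample {
  // Hypothetical user model, not part of Akka HTTP.
  final case class User(name: String, roles: Set[String])

  // Constructed sample data. A real service would query a user store and
  // compare against a salted password hash instead of a literal.
  private val roleTable = Map("alice" -> Set("admin"), "bob" -> Set("reader"))

  // Authentication: establishes who is calling. Provided.verify compares
  // the secret in a way that guards against timing attacks.
  def authenticator(credentials: Credentials): Option[User] =
    credentials match {
      case p @ Credentials.Provided(id) if roleTable.contains(id) && p.verify("p4ssw0rd") =>
        Some(User(id, roleTable(id)))
      case _ => None
    }

  // Authorization: false unless the role is explicitly present.
  def hasRole(user: User, role: String): Boolean = user.roles.contains(role)

  val route: Route =
    authenticateBasic(realm = "reports", authenticator) { user =>
      pathPrefix("reports") {
        path("admin") {
          // "=> Boolean" form: the decision uses only values in lexical scope.
          authorize(hasRole(user, "admin")) {
            complete(s"admin view for ${user.name}")
          }
        } ~
        pathEnd {
          // "RequestContext => Boolean" form: the decision also inspects the
          // request. Any authenticated user may read, only admins may modify.
          authorize((ctx: RequestContext) =>
            ctx.request.method == HttpMethods.GET || hasRole(user, "admin")) {
            complete(s"reports for ${user.name}")
          }
        }
      }
    }
}
```

With the default rejection handling, a failed check in either branch produces the ``AuthorizationFailedRejection`` described above, so ``bob`` gets ``403 Forbidden`` on ``/reports/admin`` and on any non-GET request to ``/reports``.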