mohiva · wsargent · Dec 30, 2019 · Jan 15, 2020 · Jan 15, 2020 · Jan 16, 2020
diff --git a/app/controllers/AbstractAuthController.scala b/app/controllers/AbstractAuthController.scala
@@ -5,6 +5,7 @@ import com.mohiva.play.silhouette.api._
 import com.mohiva.play.silhouette.api.services.AuthenticatorResult
 import models.User
 import play.api.mvc._
+import utils.auth.DefaultEnv
 import utils.route.Calls
 
 import scala.concurrent.{ ExecutionContext, Future }
@@ -16,7 +17,7 @@ import scala.concurrent.{ ExecutionContext, Future }
  * @param ex The execution context.
  */
 abstract class AbstractAuthController(
-  scc: SilhouetteControllerComponents
+  scc: SilhouetteControllerComponents[DefaultEnv]
 )(implicit ex: ExecutionContext) extends SilhouetteController(scc) {
 
   /**

diff --git a/app/controllers/ActivateAccountController.scala b/app/controllers/ActivateAccountController.scala
@@ -9,6 +9,7 @@ import javax.inject.Inject
 import play.api.i18n.Messages
 import play.api.libs.mailer.Email
 import play.api.mvc.AnyContent
+import utils.auth.DefaultEnv
 import utils.route.Calls
 
 import scala.concurrent.{ ExecutionContext, Future }
@@ -17,7 +18,7 @@ import scala.concurrent.{ ExecutionContext, Future }
  * The `Activate Account` controller.
  */
 class ActivateAccountController @Inject() (
-  scc: SilhouetteControllerComponents
+  scc: SilhouetteControllerComponents[DefaultEnv]
 )(implicit ex: ExecutionContext) extends SilhouetteController(scc) {
 
   /**
@@ -26,7 +27,7 @@ class ActivateAccountController @Inject() (
    * @param email The email address of the user to send the activation mail to.
    * @return The result to display.
    */
-  def send(email: String) = UnsecuredAction.async { implicit request: MyRequest[AnyContent] =>
+  def send(email: String) = UnsecuredAction.async { implicit request: AppRequest[AnyContent] =>
     val decodedEmail = URLDecoder.decode(email, "UTF-8")
     val loginInfo = LoginInfo(CredentialsProvider.ID, decodedEmail)
     val result = Redirect(Calls.signin).flashing("info" -> Messages("activation.email.sent", decodedEmail))
@@ -55,7 +56,7 @@ class ActivateAccountController @Inject() (
    * @param token The token to identify a user.
    * @return The result to display.
    */
-  def activate(token: UUID) = UnsecuredAction.async { implicit request: MyRequest[AnyContent] =>
+  def activate(token: UUID) = UnsecuredAction.async { implicit request: AppRequest[AnyContent] =>
     authTokenService.validate(token).flatMap {
       case Some(authToken) => userService.retrieve(authToken.userID).flatMap {
         case Some(user) if user.loginInfo.providerID == CredentialsProvider.ID =>

diff --git a/app/controllers/AppRequest.scala b/app/controllers/AppRequest.scala
@@ -0,0 +1,61 @@
+package controllers
+
+import com.mohiva.play.silhouette.api.Env
+import org.slf4j.Marker
+import play.api.MarkerContext
+import play.api.i18n.MessagesApi
+import play.api.mvc._
+
+import scala.language.higherKinds
+
+/**
+ * Defines our own request with extended features above and beyond what Silhouette provides.
+ */
+trait AppRequestHeader extends MessagesRequestHeader
+  with PreferredMessagesProvider
+  with MarkerContext
+
+/**
+ * The request implementation with a parsed body (only relevant for POST requests)
+ *
+ * @param request the original request
+ * @param messagesApi the messages API, needed for producing a Messages instance
+ * @tparam B the type of the body, if any.
+ */
+class AppRequest[B](
+  request: Request[B],
+  messagesApi: MessagesApi
+) extends MessagesRequest[B](request, messagesApi) with AppRequestHeader {
+  // Stubbed out here, but see marker context docs
+  // https://www.playframework.com/documentation/2.8.x/ScalaLogging#Using-Markers-and-Marker-Contexts
+  def marker: Option[Marker] = None
+}
+
+/**
+ * A request with identity and authenticator traits.
+ */
+trait AppSecuredRequestHeader[E <: Env] extends AppRequestHeader
+  with SecuredRequestHeader[E]
+
+/**
+ * Implementation of secured request.
+ */
+class AppSecuredRequest[E <: Env, B](
+  request: Request[B],
+  messagesApi: MessagesApi,
+  val identity: E#I,
+  val authenticator: E#A,
+) extends AppRequest(request, messagesApi) with AppSecuredRequestHeader[E]
+
+/**
+ * A request with optional identity and authenticator traits.
+ */
+trait AppUserAwareRequestHeader[E <: Env] extends AppRequestHeader
+  with UserAwareRequestHeader[E]
+
+class AppUserAwareRequest[E <: Env, B](
+  request: Request[B],
+  messagesApi: MessagesApi,
+  val identity: Option[E#I],
+  val authenticator: Option[E#A]
+) extends AppRequest(request, messagesApi) with AppUserAwareRequestHeader[E]
diff --git a/app/controllers/ApplicationController.scala b/app/controllers/ApplicationController.scala
@@ -4,6 +4,7 @@ import com.mohiva.play.silhouette.api.LogoutEvent
 import com.mohiva.play.silhouette.impl.providers.GoogleTotpInfo
 import javax.inject.Inject
 import play.api.mvc._
+import utils.auth.DefaultEnv
 import utils.route.Calls
 
 import scala.concurrent.ExecutionContext
@@ -12,7 +13,7 @@ import scala.concurrent.ExecutionContext
  * The basic application controller.
  */
 class ApplicationController @Inject() (
-  scc: SilhouetteControllerComponents,
+  scc: SilhouetteControllerComponents[DefaultEnv],
   home: views.html.home
 )(implicit ex: ExecutionContext) extends SilhouetteController(scc) {
 
@@ -21,7 +22,7 @@ class ApplicationController @Inject() (
    *
    * @return The result to display.
    */
-  def index = SecuredAction.async { implicit request: MySecuredRequest[AnyContent] =>
+  def index = SecuredAction.async { implicit request: AppSecuredEnvRequest[AnyContent] =>
     authInfoRepository.find[GoogleTotpInfo](request.identity.loginInfo).map { totpInfoOpt =>
       Ok(home(request.identity, totpInfoOpt))
     }
@@ -32,7 +33,7 @@ class ApplicationController @Inject() (
    *
    * @return The result to display.
    */
-  def signOut = SecuredAction.async { implicit request: MySecuredRequest[AnyContent] =>
+  def signOut = SecuredAction.async { implicit request: AppSecuredEnvRequest[AnyContent] =>
     val result = Redirect(Calls.home)
     eventBus.publish(LogoutEvent(request.identity, request))
     authenticatorService.discard(request.authenticator, result)

diff --git a/app/controllers/ChangePasswordController.scala b/app/controllers/ChangePasswordController.scala
@@ -6,15 +6,15 @@ import com.mohiva.play.silhouette.impl.providers.CredentialsProvider
 import forms.ChangePasswordForm
 import javax.inject.Inject
 import play.api.i18n.Messages
-import utils.auth.WithProvider
+import utils.auth.{ DefaultEnv, WithProvider }
 
 import scala.concurrent.{ ExecutionContext, Future }
 
 /**
  * The `Change Password` controller.
  */
 class ChangePasswordController @Inject() (
-  scc: SilhouetteControllerComponents,
+  scc: SilhouetteControllerComponents[DefaultEnv],
   changePassword: views.html.changePassword
 )(implicit ex: ExecutionContext) extends SilhouetteController(scc) {
 

diff --git a/app/controllers/ForgotPasswordController.scala b/app/controllers/ForgotPasswordController.scala
@@ -7,6 +7,7 @@ import javax.inject.Inject
 import play.api.i18n.Messages
 import play.api.libs.mailer.Email
 import play.api.mvc.AnyContent
+import utils.auth.DefaultEnv
 import utils.route.Calls
 
 import scala.concurrent.{ ExecutionContext, Future }
@@ -15,7 +16,7 @@ import scala.concurrent.{ ExecutionContext, Future }
  * The `Forgot Password` controller.
  */
 class ForgotPasswordController @Inject() (
-  components: SilhouetteControllerComponents,
+  components: SilhouetteControllerComponents[DefaultEnv],
   forgotPassword: views.html.forgotPassword
 )(implicit ex: ExecutionContext) extends SilhouetteController(components) {
 
@@ -24,7 +25,7 @@ class ForgotPasswordController @Inject() (
    *
    * @return The result to display.
    */
-  def view = UnsecuredAction.async { implicit request: MyRequest[AnyContent] =>
+  def view = UnsecuredAction.async { implicit request: AppRequest[AnyContent] =>
     Future.successful(Ok(forgotPassword(ForgotPasswordForm.form)))
   }
 
@@ -36,7 +37,7 @@ class ForgotPasswordController @Inject() (
    *
    * @return The result to display.
    */
-  def submit = SecuredAction.async { implicit request: MyRequest[AnyContent] =>
+  def submit = UnsecuredAction.async { implicit request: AppRequest[AnyContent] =>
     ForgotPasswordForm.form.bindFromRequest.fold(
       form => Future.successful(BadRequest(forgotPassword(form))),
       email => {

diff --git a/app/controllers/MyRequest.scala b/app/controllers/MyRequest.scala
diff --git a/app/controllers/ResetPasswordController.scala b/app/controllers/ResetPasswordController.scala
@@ -8,6 +8,7 @@ import forms.ResetPasswordForm
 import javax.inject.Inject
 import play.api.i18n.Messages
 import play.api.mvc.AnyContent
+import utils.auth.DefaultEnv
 import utils.route.Calls
 
 import scala.concurrent.{ ExecutionContext, Future }
@@ -16,7 +17,7 @@ import scala.concurrent.{ ExecutionContext, Future }
  * The `Reset Password` controller.
  */
 class ResetPasswordController @Inject() (
-  scc: SilhouetteControllerComponents,
+  scc: SilhouetteControllerComponents[DefaultEnv],
   resetPassword: views.html.resetPassword
 )(implicit ex: ExecutionContext) extends SilhouetteController(scc) {
 
@@ -26,7 +27,7 @@ class ResetPasswordController @Inject() (
    * @param token The token to identify a user.
    * @return The result to display.
    */
-  def view(token: UUID) = UnsecuredAction.async { implicit request: MyRequest[AnyContent] =>
+  def view(token: UUID) = UnsecuredAction.async { implicit request: AppRequest[AnyContent] =>
     authTokenService.validate(token).map {
       case Some(_) => Ok(resetPassword(ResetPasswordForm.form, token))
       case None => Redirect(Calls.signin).flashing("error" -> Messages("invalid.reset.link"))
@@ -39,7 +40,7 @@ class ResetPasswordController @Inject() (
    * @param token The token to identify a user.
    * @return The result to display.
    */
-  def submit(token: UUID) = UnsecuredAction.async { implicit request: MyRequest[AnyContent] =>
+  def submit(token: UUID) = UnsecuredAction.async { implicit request: AppRequest[AnyContent] =>
     authTokenService.validate(token).flatMap {
       case Some(authToken) =>
         ResetPasswordForm.form.bindFromRequest.fold(

diff --git a/app/controllers/SignInController.scala b/app/controllers/SignInController.scala
@@ -8,6 +8,7 @@ import forms.{ SignInForm, TotpForm }
 import javax.inject.Inject
 import play.api.i18n.Messages
 import play.api.mvc.AnyContent
+import utils.auth.DefaultEnv
 import utils.route.Calls
 
 import scala.concurrent.{ ExecutionContext, Future }
@@ -16,7 +17,7 @@ import scala.concurrent.{ ExecutionContext, Future }
  * The `Sign In` controller.
  */
 class SignInController @Inject() (
-  scc: SilhouetteControllerComponents,
+  scc: SilhouetteControllerComponents[DefaultEnv],
   signIn: views.html.signIn,
   activateAccount: views.html.activateAccount,
   totp: views.html.totp
@@ -27,7 +28,7 @@ class SignInController @Inject() (
    *
    * @return The result to display.
    */
-  def view = UnsecuredAction.async { implicit request: MyRequest[AnyContent] =>
+  def view = UnsecuredAction.async { implicit request: AppRequest[AnyContent] =>
     Future.successful(Ok(signIn(SignInForm.form, socialProviderRegistry)))
   }
 
@@ -36,7 +37,7 @@ class SignInController @Inject() (
    *
    * @return The result to display.
    */
-  def submit = UnsecuredAction.async { implicit request: MyRequest[AnyContent] =>
+  def submit = UnsecuredAction.async { implicit request: AppRequest[AnyContent] =>
     SignInForm.form.bindFromRequest.fold(
       form => Future.successful(BadRequest(signIn(form, socialProviderRegistry))),
       data => {