www.digitalmars.com         C & C++   DMDScript  

digitalmars.D.learn - VibeD - REST API and vibed.web.auth framework

reply holo <holosian gmail.com> writes:
Hello

I'm trying to use auth framework with REST api ( 
http://vibed.org/api/vibe.web.auth/ ).

Is it possible to use it with registerRestInterface? According to 
description under: 
http://vibed.org/api/vibe.web.auth/requiresAuth it should be 
available on both Web and REST.

Here is my example code and compilation errors bellow:

import vibe.d;
import vibe.web.auth;
import vibe.http.session;
import vibe.web.rest : registerRestInterface;
import vibe.web.web : noRoute;
import std.algorithm, std.array;


struct AuthInfo {
	string userName;
     bool premium;
     bool admin;

	 safe:
	bool isAdmin() { return this.admin; }
	bool isPremiumUser() { return this.premium; }
}


interface IfOAuthAPI
{
     void postLogin(ValidUsername login, ValidPassword password);
//    bool postTokenValidation(string token, string userName);
}

 path("/api")
 requiresAuth
class OAuthAPI : IfOAuthAPI
{


    noRoute
   AuthInfo authenticate(scope HTTPServerRequest req, scope 
HTTPServerResponse res)  safe
	{
		if (!req.session || !req.session.isKeySet("auth"))
			throw new HTTPStatusException(HTTPStatus.forbidden, "Not 
authorized to perform this action!");

		return req.session.get!AuthInfo("auth");
   }

   this(MongoCollection coll)
   {
     collection = coll;
   }

   private:
     MongoCollection collection;

   public:
      noAuth
     string postLogin(ValidUsername login, ValidPassword password)
     {
       logInfo("Recived data for" ~ login ~ "and" ~ password);

       Bson query = Bson(["username" : Bson(login)]);
       auto result = collection.find(query);

       foreach (i, doc; result)
         logInfo("Item %d: %s", i, doc.toJson().toString());

       logInfo("Sending respond");
       return "OK";

     }
}

And im getting such errors:

ms-frontpage ~master: building configuration "application"...
../../.dub/packages/vibe-d-0.7.31/vibe-d/source/vibe/http/server.d(286,33):
Deprecation: alias diet.traits.FilterCallback is deprecated - Use
SafeFilterCallback instead.
source/app.d(14,31): Error: cannot create instance of interface 
IfOAuthAPI
source/service/oauth.d(35,8): Error:  safe function 
'oauth.OAuthAPI.authenticate' cannot call  system function 
'vibe.http.session.Session.opCast'
source/service/oauth.d(35,44): Error:  safe function 
'oauth.OAuthAPI.authenticate' cannot call  system function 
'vibe.http.session.Session.isKeySet'
source/service/oauth.d(36,10): Error:  safe function 
'oauth.OAuthAPI.authenticate' cannot call  system constructor 
'vibe.http.common.HTTPStatusException.this'
source/service/oauth.d(38,34): Error:  safe function 
'oauth.OAuthAPI.authenticate' cannot call  system function 
'vibe.http.session.Session.get!(AuthInfo).get'
dmd failed with exit code 1.

Regards
holo
Aug 06
parent reply Bastiaan Veelo <Bastiaan Veelo.net> writes:
On Sunday, 6 August 2017 at 16:47:14 UTC, holo wrote:
 Hello

 I'm trying to use auth framework with REST api ( 
 http://vibed.org/api/vibe.web.auth/ ).

 Is it possible to use it with registerRestInterface? According 
 to description under: 
 http://vibed.org/api/vibe.web.auth/requiresAuth it should be 
 available on both Web and REST.

 Here is my example code and compilation errors bellow:
[snip]
   AuthInfo authenticate(scope HTTPServerRequest req, scope 
 HTTPServerResponse res)  safe
[snip]
 And im getting such errors:

 ms-frontpage ~master: building configuration "application"...
 ../../.dub/packages/vibe-d-0.7.31/vibe-d/source/vibe/http/server.d(286,33):
Deprecation: alias diet.traits.FilterCallback is deprecated - Use
SafeFilterCallback instead.
 source/app.d(14,31): Error: cannot create instance of interface 
 IfOAuthAPI
 source/service/oauth.d(35,8): Error:  safe function 
 'oauth.OAuthAPI.authenticate' cannot call  system function 
 'vibe.http.session.Session.opCast'
[snip] Are you aware what safe does? If you remove it, it probably compiles. From safe functions you cannot call functions that are not marked safe or trusted [1]. Regards, Bastiaan. [1] https://dlang.org/spec/function.html#function-safety
Aug 07
parent holo <holosian gmail.com> writes:
Thank you for explanation.

It fix my problem with compilation. I was using 
https://github.com/rejectedsoftware/vibe.d/blob/master/examples/w
b-auth/source/app.d as example and there is  safe function. I try to compile it
with newest (beta) version of vibe.d and it compiled too (so i suspect in
newest version system function is marked as trusted/safe too or it is fixed
some other way :)).

Regards
holo
Aug 07