Session management through nubes about nubes HOT 11 OPEN

iirc : simply declare Session as parameter of your method, and use it.

from nubes.

Nope. the method throws a null pointer exception for Session. I tried both, with and without explicitly setting a SessionHandler on the router. I could see in the nubes code that CookieHandler is being set but could not find anywhere in the code where a SessionHandler is being set. Is there an example i can use?

from nubes.

I'll have a look tomorrow. Auth/Session is the only part of the code I didn't write myself.

(the only place a sessionhandler is set is when you're using an auth provider)

from nubes.

"Version 1.1 should be available shortly" according to bintray.

You should be able to use the Session as a method parameter even though you're not using a built-in authentication mechanism.

Let me know if it suits your needs or not :)

from nubes.

Couple of things:

• I marked one of my controller methods with Auth annotation and other one was not marked. I did not provide any AuthProvider. Both paths were served. I was expecting it to throw an exception. Dont know if this is the way it should be
• I provided a ShiroAuth provider ( as this is what i want to use in my app ).
  • For the path not marked with Auth annotation, cookie vertx-web.session was not returned in response
  • For the path marked with Auth annotation, cookie vertx-web.session was correctly returned in response, however, re-visiting the unmarked path, the cookie was again not returned
• Is there any other way to provide authProvider or VertxNubes.setAuthProvider is the correct way

So my needs ( just to elaborate: would be happy to help, let me know)

• There should be an annotation way to tell this web app is session cookie enabled with or without auth . And once mentioned, all paths should be able to return vertx-web.session in response without explicitly mentioning so
• There should be a annotation way to configure an AuthProvider. Not a big issue to use set but for a library promoting Annotation, this would be more in tune :)
• If there are paths which are marked with @Auth if there is no AuthProvider set then it should throw an exception rather making the path unsecured.

Later today I will try to update the code which can highlight these issues for you

from nubes.

OK. I'll try to rework the auth part completely.

I'm not using it myself (since I've always been using using custom authentication services) and as I mentionned earlier, I did not write this part of the code. I'm not happy with the way it's configured, too.

So I guess it's time (and OAuth2 support coming in vert.x 3.2 has to be added, too) to rewrite this part of Nubes properly.

For the cookie thing, I'll try to create a standard vertx-web app with an authenticated and a public route but I think the problem doesn't lie within Nubes.

I'll try to rethink everything related to auth from scratch. Again, that's not that easy since I've never used it myself.

from nubes.

And may be a login and logout handler annotation on a controller method because nubes is injecting the AuthProvider which is needed by the FormLoginHanlder

from nubes.

Would you be taking this up soon? Or can I get started on a fork?

from nubes.

I'm in the middle of a move to another city, which means (aside a very very busy schedule) I probably won't be connected to the internet in the upcoming weeks.

If you feel like working on a fork, the licence allows it, so feel free, np at all,

I'll give it a look and help you as soon as I'm able to.

from nubes.

I will need some opinion! Don't to digress away from the library's core philosophy.
For sessions, I am planning to add a type annotation SessionEnabled toVertxNubes and NubesServer. So a SessionHandler will be set on all routes if initialized as @SessionEnabled VertxNubes nubes = ...

Does it seem ok?

from nubes.

That sounds good on a philosophical point of view :)

.Be careful with the implementation though, I guess if a route is already annotated with auth-realated stuff, the sessionhandler will be attached to the route (be careful you don't attach it twice in that case ;) )

Also, there are a ton of unit tests, you can run them to make sure you didn't break anything (there's ~85-90% code coverage). And also, make sure you compile the tests with the -parameters options (if you run them in your IDE for example) or some tests won't work.

Have fun :)

from nubes.