{"id":21129077,"url":"https://github.com/ics-software-engineering/play-example-login","last_synced_at":"2025-07-09T00:31:42.869Z","repository":{"id":11330629,"uuid":"13755163","full_name":"ics-software-engineering/play-example-login","owner":"ics-software-engineering","description":"A simple example of authentication and authorization in Play","archived":false,"fork":false,"pushed_at":"2016-07-05T05:50:54.000Z","size":888,"stargazers_count":24,"open_issues_count":1,"forks_count":23,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-03-27T04:19:22.682Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ics-software-engineering.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-10-21T21:05:45.000Z","updated_at":"2023-10-18T13:28:32.000Z","dependencies_parsed_at":"2022-08-20T12:00:37.973Z","dependency_job_id":null,"html_url":"https://github.com/ics-software-engineering/play-example-login","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ics-software-engineering%2Fplay-example-login","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ics-software-engineering%2Fplay-example-login/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ics-software-engineering%2Fplay-example-login/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ics-software-engineering%2Fplay-example-login/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ics-software-engineering","download_url":"https://codeload.github.com/ics-software-engineering/play-example-login/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225470732,"owners_count":17479368,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-20T05:15:23.857Z","updated_at":"2024-11-20T05:15:24.576Z","avatar_url":"https://github.com/ics-software-engineering.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"![screenshot](https://raw.github.com/ics-software-engineering/play-example-login/master/doc/play-example-login.png)\n\nOverview\n--------\n\nThis is a Play application illustrating a simple approach to authentication and authorization.\n\n**Authentication is done in the following way:**\n\n  * The [models package](https://github.com/ics-software-engineering/play-example-login/tree/master/app/models) implements\n    the UserInfo and UserInfoDB classes to hold credential information.  Credentials are initialized in the\n    [Global](https://github.com/ics-software-engineering/play-example-login/blob/master/app/Global.java) class.\n    \n  * The [Login view](https://github.com/ics-software-engineering/play-example-login/blob/master/app/views/Login.scala.html)\n    provides a simple login form. The [LoginFormData.validate() method](https://github.com/ics-software-engineering/play-example-login/blob/master/app/views/formdata/LoginFormData.java#L28-38)\n    determines if the login succeeds and raises ValidationErrors if invalid credentials are entered.\n    \n  * The [Login controller method](https://github.com/ics-software-engineering/play-example-login/blob/master/app/controllers/Application.java#L36-59)\n    adds the authenticated user's email to the session object, or else returns the Login view with errors. \n\n**Authorization is done in the following way:**   \n\n  * The [Secured class](https://github.com/ics-software-engineering/play-example-login/blob/master/app/controllers/Secured.java)\n    supports authorization by extending the Security.Authenticator class and overriding the getUsername() and onUnauthorized()\n    methods.  These methods are used to restrict access to the profile page.\n    This class also implements helper methods (getUser(), isLoggedIn(), and getUserInfo()) that enable controllers to \n    adjust the view depending upon whether the user is logged in or not.\n    \n  * The [Application controller class](https://github.com/ics-software-engineering/play-example-login/blob/master/app/controllers/Application.java) \n    annotates the controller methods that requires authenticated users (logout() and profile()) \n    with @Security.Authenticated(Secured.java).\n    \n  * The [Main.scala.html template](https://github.com/ics-software-engineering/play-example-login/blob/master/app/views/Main.scala.html)\n    implements a [context sensitive navbar](https://github.com/ics-software-engineering/play-example-login/blob/master/app/views/Main.scala.html#L34-47)\n    that displays different links depending upon whether the user is authenticated or unauthenticated.   \n    \n    \n**Obvious shortcomings of this approach:**\n\n  * Credentials sent \"in the clear\" (i.e. via http, not https).\n  * Credentials stored \"in the clear\".\n  * No registration workflow (i.e. email confirmation.)\n  * No support for third-party authentication (google, facebook, etc.)\n  \nIf you require \"production quality\" authentication and authorization, you should consider a Play plugin\nsuch as [play-authenticate](http://joscha.github.io/play-authenticate/), [SecureSocial](http://securesocial.ws/),\nand/or [Deadbolt 2](https://github.com/schaloner/deadbolt-2).\nThey are slightly more complicated to use but provide mechanisms to address these issues. \n\nScreencast\n----------\n\nClick the image below to watch a 15 minute walkthrough of this system. \n\n[\u003cimg src=\"https://raw.github.com/ics-software-engineering/play-example-login/master/doc/play-example-login-youtube.png\" width=\"400\"\u003e](http://www.youtube.com/watch?v=L3yudzFXjxg)\n\n\n\n\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fics-software-engineering%2Fplay-example-login","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fics-software-engineering%2Fplay-example-login","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fics-software-engineering%2Fplay-example-login/lists"}