play.filters.csrf.enabled=true play.filters.cors.allowedOrigins=["http://example.com"] play.filters.cors.allowedHeaders=["Content-Type", "Authorization"] play.filters.acl { # Allow access from localhost allow { path-starts-with = ["/"] allowed = ["127.0.0.1", "::1"] } # Deny access to sensitive routes deny { path-starts-with = ["/admin", "/user"] } } scala class MyAuthenticator extends AbstractAuthenticator[UsernamePasswordCredentials] { def validate(credentials: UsernamePasswordCredentials): Option[String] = { if (credentials.username == "admin" && credentials.password == "password") { Some(credentials.username) } else { None } } } class MyController(auth: DefaultActionBuilder) extends Controller { def protectedEndpoint() = auth { Action { request => Ok("Authorized!") } } }


上一篇:
下一篇:
切换中文