post("/login") {
basicAuth
logger.debug("The user %s was successfully logged in.".format(params("userName")))
}
error {
case ex => logger.error("there was an error requesting %s" format request.path, ex)
}
protected def basicAuth() = {
val req = new BasicAuthStrategy.BasicAuthRequest(request)
def notAuthenticated() {
response.setHeader("WWW-Authenticate", "Basic realm=\"%s\"" format realm)
halt(401, "Unauthenticated")
}
if(!req.providesAuth) {
notAuthenticated
}
if(!req.isBasicAuth) {
halt(400, "Bad Request")
}
val user = DAO.validateLoginPassword(req.user, req.password)
if (user != null)
response.headers("REMOTE_USER", user.id)
else {
notAuthenticated
}
Option(user)
}