Example project for Play Framework that uses Silhouette for authentication and authorization, exposed REST API for sign-up, sign-in.
curl -X POST http://localhost:9000/api/auth/# -H 'Content-Type: application/json' -d '{"identifier": "adam.zareba", "password": "this!Password!Is!Very!Very!Strong!", "email": "adam.zareba@test.pl", "firstName": "Adam", "lastName": "Zaręba"}' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< X-Auth-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"expiresOn": "2017-10-06T07:49:27.238+02:00"
}
Not necessary just after the sign-up because you already have a valid token.
curl -X POST http://localhost:9000/api/auth/signin/credentials -H 'Content-Type: application/json' -d '{"identifier": "adam.zareba", "password": "this!Password!Is!Very!Very!Strong!"}' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< X-Auth-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"expiresOn": "2017-10-06T07:49:27.238+02:00"
}
The token must belong to a user with Admin role
curl http://localhost:9000/badPassword -H 'X-Auth-Token:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...' -v
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
{"result":"qwerty1234"}
username | password |
---|---|
test1 | test1Password |
test2 | test2Password |
It is possible to reload database with based data with scripts: recreate.bat or recreate.sh
Documentation is available under address: REST API
The code is licensed under Apache License v2.0.