我正在尝试编写一个拒绝非ajax请求的指令。下面的代码显然不起作用:
import akka.http.scaladsl.model.HttpHeader
import akka.http.scaladsl.server.Directive0
import akka.http.scaladsl.server.directives.BasicDirectives
import akka.http.scaladsl.server.directives.HeaderDirectives
import akka.http.scaladsl.server.directives.RouteDirectives
trait AjaxDirectives extends BasicDirectives with HeaderDirectives with RouteDirectives {
private val valid = "XMLHttpRequest"
def ajax(): Directive0 = {
headerValueByName("X-Requested-With") { header ⇒
if (header == valid) {
pass
} else {
reject
}
}
}
}
(这里有两个问题:pass
是Directive0
和headerValueByName
是Directive1
,headerValueByName
是Directive1
和ajax
是Directive0
。所以它不编译)
我的问题是:我能以某种方式获得本地范围的提取吗与中一样,header
不会逃离ajax
。
我知道我可以在不使用headerValue*
的情况下访问拉出标头的请求,所以请不要这样回答。
阅读SecurityDirectives.authorizeAsync
给了我答案:
import akka.http.scaladsl.model.HttpHeader
import akka.http.scaladsl.server.Directive0
import akka.http.scaladsl.server.directives.BasicDirectives
import akka.http.scaladsl.server.directives.HeaderDirectives
import akka.http.scaladsl.server.directives.RouteDirectives
trait AjaxDirectives extends BasicDirectives with HeaderDirectives with RouteDirectives {
private val headerName = "X-Requested-With"
private val valid = "XMLHttpRequest"
def ajax(): Directive0 = {
headerValueByName(headerName).flatMap { header ⇒
if (header == valid) {
pass
} else {
reject
}
}
}
}