我正在尝试编写一个拒绝非ajax请求的指令。下面的代码显然不起作用:
import akka.http.scaladsl.model.HttpHeader
import akka.http.scaladsl.server.Directive0
import akka.http.scaladsl.server.directives.BasicDirectives
import akka.http.scaladsl.server.directives.HeaderDirectives
import akka.http.scaladsl.server.directives.RouteDirectives
trait AjaxDirectives extends BasicDirectives with HeaderDirectives with RouteDirectives {
private val valid = "XMLHttpRequest"
def ajax(): Directive0 = {
headerValueByName("X-Requested-With") { header ⇒
if (header == valid) {
pass
} else {
reject
}
}
}
}
(这里有两个问题:pass是Directive0和headerValueByName是Directive1,headerValueByName是Directive1和ajax是Directive0。所以它不编译)
我的问题是:我能以某种方式获得本地范围的提取吗与中一样,header不会逃离ajax。
我知道我可以在不使用headerValue*的情况下访问拉出标头的请求,所以请不要这样回答。
阅读SecurityDirectives.authorizeAsync给了我答案:
import akka.http.scaladsl.model.HttpHeader
import akka.http.scaladsl.server.Directive0
import akka.http.scaladsl.server.directives.BasicDirectives
import akka.http.scaladsl.server.directives.HeaderDirectives
import akka.http.scaladsl.server.directives.RouteDirectives
trait AjaxDirectives extends BasicDirectives with HeaderDirectives with RouteDirectives {
private val headerName = "X-Requested-With"
private val valid = "XMLHttpRequest"
def ajax(): Directive0 = {
headerValueByName(headerName).flatMap { header ⇒
if (header == valid) {
pass
} else {
reject
}
}
}
}