Is there a recommended way to enforce authenticati...
# ktor
j
Is there a recommended way to enforce authentication on static files / resources? My ktor app is serving a static home page and also a static web application that requires auth (in
/app
). The static home page part works well, and login/logout flow works well, but the way in which I made
/app
require authentication feels hacky and seems to be buggy.. code in 🧵
Copy code
staticFiles(
    remotePath = "/app",
    dir = File("static_app")
) {
    modify { file, call ->
        val currentAuthenticatedSession = getCurrentAuthenticatedSession()
        if (currentAuthenticatedSession == null) {
            call.respondRedirect("/login?redirectUrl=${call.request.uri}")
        }
    }
}
The code above shows how I’m setting up the static files route and enforcing a valid authenticated session, but the strange thing here is the behaviour when I load these routes in my browser: •
/app
works as expected when either logged out or logged in •
/app/index.html
works as expected when either logged out or logged in •
/app/
throws a 404 Does anyone have any insights as to why the trailing
/
would cause this problem? Or, is there a better way to achieve what I’m trying to do?
went to bed, had a good sleep, tried again this morning and realised it was something quite simple 😄 if anyone finds this thread by searching in future, the fix for this issue is:
install(IgnoreTrailingSlash)
😴 1
👍 1