When adding authentication to a website, do you wr...
# ktorv
v79
08/14/2021, 9:35 AMWhen adding authentication to a website, do you wrap all the routes which the user must be logged into to with
authenticate()authenticate()d
Dominaezzz
08/14/2021, 9:54 AMThe latter
v
v79
08/14/2021, 10:02 AMSo for every route which should only be accessible to authenticated users, I have to check the session state myself?
a
Aleksei Tirman [JB]
08/16/2021, 10:47 AMYes. There is no built-in functionality for this.
Aleksei Tirman [JB]
08/16/2021, 12:15 PM@v79 what authentification method do you use?
v
v79
08/16/2021, 12:16 PMI'm using (well, experimenting with) Oauth using AWS Cogito.
a
Aleksei Tirman [JB]
08/16/2021, 12:17 PMThen my answer is correct :)
v
v79
08/16/2021, 12:21 PMThe ktor examples seem to put the callback URL inside the authenticate block. That crashes when I'm running ktor on AWS lambda through kotless. Works when the callback is not in authenticate.
The osiris framework I've previously used for serverless puts all routes which should be secure inside the authenticate block and handles it automatically. Which was nice 😊.
3 Views