https://kotlinlang.org logo
#ktor
Title
# ktor
g

gotoOla

08/31/2020, 9:30 AM
Hi! Has anyone done a nice implementation or library where you can add an auth mechanism to the call-stack like what was usually done with mdc/thread locals in Java? I read about the ContextElements but apparantly you have to keep track of your context every time you do a launch/async which seems a bit error prone/brittle
e

efemoney

08/31/2020, 9:37 AM
I use plain DI plus extension functions access. Just remember the
Application
and
ApplicationCall
components both have
Attributes
which is a type safe map where you can put arbitrary data (depending on the scope)
g

gotoOla

08/31/2020, 9:44 AM
@efemoney when you say that you use plain DI, do you mean that you have an auth-singleton that holds the user-info?
Like, if you have a classic chain of endpoints -> service -> repository, the ApplicationCall would only be available in the endpoints-layer right? I might need to access the auth object in the service layer
e

efemoney

08/31/2020, 9:48 AM
With dependency injection, the scope in which the
Service
lives would probably be where the
AuthSingleton
is injected which would probably be in the
Application
scope via its Attributes
This is an example using Dagger for DI with Ktor
Copy code
internal val Application.component
  get() = attributes.computeIfAbsent(ApplicationComponentKey) {
    DaggerApplicationComponent.factory().create(this, environment)
  }

internal val ApplicationCall.component
  get() = attributes.computeIfAbsent(CallComponentKey) {
    application.component.newCallComponentFactory().create(this)
  }


private val ApplicationComponentKey = AttributeKey<ApplicationComponent>("ApplicationComponentKey")

private val CallComponentKey = AttributeKey<CallComponent>("CallComponentKey")
The DI graph (represented by the generated Dagger
component
) is contained in the
Application
s
Attributes
. This way, objects from the
ApplicationEnvironment
or the
Application
itself can be inputs into the graph which lives as long as the
Application
is running.
g

gotoOla

08/31/2020, 11:02 AM
cool, how do you clean out keys that are no longer used? Or I guess the garbage collection would take care of that once the applicationcall is cleared?
e

efemoney

08/31/2020, 11:02 AM
Yup, relying on garbage collection. I also define Dagger
@Scope
s to be explicit (
@ApplicationScope
&
@CallScope
)
Snippet of my app component
g

gotoOla

08/31/2020, 11:06 AM
Cool. I'm not running any DI framework now but we deal with that on our own
do you happen to know if there's any identifier on an applicationcall? Let's say that I want to map a call to a header and then look that up later?
e.g. if I have 1000 different users, I would want each call from them to end up in the map where "call" -> "auth-token sent in with call"
actually nevermind..I need to think this through a bit more 😛
e

efemoney

08/31/2020, 11:16 AM
Cool. I’m not running any DI framework now but we deal with that on our own
Nice! I don’t know of any identifier but should be easy enough to generate one (and cache/store it) on the client and send to your ktor BE
2 Views