I wrote a custom authenticator, but the routes see...
# ktor
I wrote a custom authenticator, but the routes seem to be getting called without authentication anyways. Any ideas from the routing and the authentication pipeline snippets?
I’m afraid there is no enough context. Since the pipeline seems to be part of the class
that is not included, and no clue about the register method either
is the full header for the register method
There’s not anything special about the AccountSessionAuthenticationProvider beside it extending from
and it having the two configuration options on it
Copy code
val authenticate: suspend (SessionToken) -> Principal? = provider.authenticate
val loginRedirectProvider: (ApplicationCall.() -> Url)? = provider.loginRedirectProvider
Here’s the full implementation if it really does help
Copy code
class AccountSessionAuthenticationProvider(name: String?) : AuthenticationProvider(name) {
    internal var loginRedirectProvider: (ApplicationCall.() -> Url)? = null
        private set

    internal var authenticate: suspend (SessionToken) -> Principal? = { null }
        private set

    fun redirectToLogin(provider: ApplicationCall.() -> Url) {
        loginRedirectProvider = provider

    fun validate(validate: suspend (SessionToken) -> Principal?) {
        authenticate = validate
my account session authentication is pretty close to the BasicAuthenticationProvider in ktor-auth, the difference being credentials are fetched from a cookie on the ApplicationCall instead of the
header. https://github.com/ktorio/ktor/blob/master/ktor-features/ktor-auth/src/io/ktor/auth/BasicAuth.kt