Example project for Play Framework that uses Silhouette for authentication and authorization, exposed REST API for sign-up, sign-in.
$ curl --request POST http://localhost:9000/api/auth/signup \
--header 'Content-Type: application/json' \
--data '{"identifier": "adam.zareba", "password": "this!Password!Is!Very!Very!Strong!", "email": "[email protected]", "firstName": "Adam", "lastName": "Zaręba"}' \
--verbose
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< X-Auth-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"expiresOn": "2017-10-06T07:49:27.238+02:00"
}
Not necessary just after the sign-up because you already have a valid token.
$ curl --request POST http://localhost:9000/api/auth/signin/credentials \
--header 'Content-Type: application/json' -d '{"identifier": "adam.zareba", "password": "this!Password!Is!Very!Very!Strong!"}' \
--verbose
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< X-Auth-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"expiresOn": "2017-10-06T07:49:27.238+02:00"
}
The token must belong to a user with Admin role
$ curl http://localhost:9000/badPassword --header 'X-Auth-Token:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...' --verbose
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
{"result":"qwerty1234"}
username | password |
---|---|
test1 | test1Password |
test2 | test2Password |
It is possible to reload database with based data with scripts: recreate.bat or recreate.sh
Using Docker: see the database section
Documentation is available under address: REST API
The code is licensed under Apache License v2.0.