in app/lib/PanAuth.scala [31:67]
def authStatus(cookie: Cookie, verification: Verification): AuthenticationStatus = PanDomain.authStatus(
cookie.value,
verification,
PanDomain.guardianValidation,
apiGracePeriod = 0,
system = "s3-upload",
cacheValidation = false,
forceExpiry = false
)
object AuthAction extends ActionBuilder[UserRequest, AnyContent] {
override def parser: BodyParser[AnyContent] = PandaController.this.controllerComponents.parsers.default
override protected def executionContext: ExecutionContext = PandaController.this.controllerComponents.executionContext
override def invokeBlock[A](request: Request[A], block: UserRequest[A] => Future[Result]): Future[Result] = {
request.cookies.get("gutoolsAuth-assym") match {
case Some(cookie) =>
authStatus(cookie, publicSettings.verification) match {
case Authenticated(AuthenticatedUser(user, _, _, _, _)) =>
if (!permissions.hasPermission(S3UploaderAccess, user.email)) {
logger.error(s"User ${user.email} does not have ${S3UploaderAccess.name} permission")
unauthorisedResponse(request)
} else {
block(new UserRequest(user, request))
}
case other =>
logger.info(s"Login response $other")
unauthenticatedResponse(request)
}
case None =>
logger.warn("Panda cookie missing")
unauthenticatedResponse(request)
}
}
}