Am 07.08.2017 um 11:21 schrieb holo:
Hello
I'm trying to use Auth framework with REST api.
Is it possible to use it with registerRestInterface? According to description under: http://vibed.org/api/vibe.web.auth/requiresAuth it should be available on both Web and REST.
Here is my example code and compilation errors bellow:
... @noRoute AuthInfo authenticate(scope HTTPServerRequest req, scope HTTPServerResponse res) @safe { if (!req.session || !req.session.isKeySet("auth")) throw new HTTPStatusException(HTTPStatus.forbidden, "Not authorized to perform this action!"); return req.session.get!AuthInfo("auth"); } ...
And im getting such errors:
ms-frontpage ~master: building configuration "application"... ../../.dub/packages/vibe-d-0.7.31/vibe-d/source/vibe/http/server.d(286,33): Deprecation: alias diet.traits.FilterCallback is deprecated - Use SafeFilterCallback instead. source/app.d(14,31): Error: cannot create instance of interface IfOAuthAPI source/service/oauth.d(35,8): Error: @safe function 'oauth.OAuthAPI.authenticate' cannot call @system function 'vibe.http.session.Session.opCast' source/service/oauth.d(35,44): Error: @safe function 'oauth.OAuthAPI.authenticate' cannot call @system function 'vibe.http.session.Session.isKeySet' source/service/oauth.d(36,10): Error: @safe function 'oauth.OAuthAPI.authenticate' cannot call @system constructor 'vibe.http.common.HTTPStatusException.this' source/service/oauth.d(38,34): Error: @safe function 'oauth.OAuthAPI.authenticate' cannot call @system function 'vibe.http.session.Session.get!(AuthInfo).get' dmd failed with exit code 1.
Regards
holo
Can you try replacing the @safe
with @trusted
for the authenticate
method above? The API in vibe.d 0.7.x is not yet annotated with @safe
,
so the compiler will complain when it is called from an @safe
context.
Alternatively, you could try upgrading to 0.8.0, which is fully @safe
,
but that could lead to warnings in other areas of your because not all
code is @safe
. In the long run, this is definitely the way to go,
though, since memory safety is so critical for public server applications.