5

I am using play silhouette 4.0.0-BETA4. Everything seems to work fine except for storing the password. Each time I try to sign a new user up, all it's details are entered except for the password which seems to be stored in passwordinfo table.

I am using a MySQL database.

I spent a few hours trying to find out where the problem is and I couldn't figure it out.

build.sbt

  "com.mohiva" %% "play-silhouette" % "4.0.0-BETA4",
  "com.mohiva" %% "play-silhouette-persistence-memory" % "4.0.0-BETA4",
  "com.mohiva" %% "play-silhouette-password-bcrypt" % "4.0.0-BETA4",
  "com.mohiva" %% "play-silhouette-testkit" % "4.0.0-BETA4" % "test"

SignUpController

val user = User(
  None,
  userID = UUID.randomUUID(),
  loginInfo = loginInfo,
  firstName = Some(data.firstName),
  lastName = Some(data.lastName),
  fullName = Some(data.firstName + " " + data.lastName),
  email = Some(data.email),
  avatarURL = None
)
for {
  avatar <- avatarService.retrieveURL(data.email)
  user <- userService.save(user.copy(avatarURL = avatar))
  authInfo <- authInfoRepository.add(loginInfo, authInfo)
  authenticator <- silhouette.env.authenticatorService.create(loginInfo)
  token <- silhouette.env.authenticatorService.init(authenticator)
} yield {
  silhouette.env.eventBus.publish(SignUpEvent(user, request))
  silhouette.env.eventBus.publish(LoginEvent(user, request))
  Ok(Json.obj("token" -> token))
}

Here authInfoRepository.add should add the password in database.

I tried to debug the add function of authInfoRepository and it seems to get me to an add function in DelegableAuthInfoRepository.scala. Here is the function:

  override def add[T <: AuthInfo](loginInfo: LoginInfo, authInfo: T): Future[T] = {
    daos.find(_.classTag.runtimeClass == authInfo.getClass) match {
      case Some(dao) => dao.asInstanceOf[AuthInfoDAO[T]].add(loginInfo, authInfo)
      case _         => throw new ConfigurationException(AddError.format(authInfo.getClass))
    }
  }

I used IntelliJ to evaluate daos.find(_.classTag.runtimeClass == authInfo.getClass) and it seems to give me an error which I cannot understand (the error is: Could not evaluate due to a change in a source file; this error appears only when evaluating with IntelliJ, nothing else appears in the logs). If I try to continue the execution, it goes to the case Some line. If I continue, the debugger return to daos.find line. I tried to check for implementations of the add function from the case Some line and it seems to find only something related to In Memory Database: InMemoryAuthInfoDAO.scala.

I am not sure if the problem is coming from here but I really cannot understand why it is not adding the password and everything else works as expected.

The code I used was taken from a few exemples from Silhouette website. I don't have much knowledge about security.

If there is anything else missing, please let me know.

tzortzik
  • 4,993
  • 9
  • 57
  • 88
  • "it seems to give me an error which I cannot understand" Would you mind sharing it? – Łukasz Jun 14 '16 at 21:10
  • I added it to my initial post. Also here `Could not evaluate due to a change in a source file`. No changes were made in sources. – tzortzik Jun 14 '16 at 21:25
  • Not sure if that helps but looking at some example I found that the DAOs are set during configuration of DI. Maybe you didn't change that. See https://github.com/mohiva/play-silhouette-seed/blob/master/app/modules/SilhouetteModule.scala#L59 – Łukasz Jun 15 '16 at 07:07
  • I used angular seed project and it seems they updated it to a newer version. Here is the seed: https://github.com/mohiva/play-silhouette-angular-seed . The problem is that by updating silhouette to the latest version and using the exact same module configuration (notice `bind[DelegableAuthInfoDAO[PasswordInfo]].toInstance(new InMemoryAuthInfoDAO[PasswordInfo])`) I get the following error when compiling: – tzortzik Jun 15 '16 at 21:24
  • `SilhouetteModule.scala:192: Cannot generate a config value reader for type Option[Option[Seq[com.mohiva.play.silhouette.api.util.RequestPart.Value]]], because value readers cannot be auto-generated for types with type parameters. Consider defining your own ValueReader[Option[Option[Seq[com.mohiva.play.silhouette.api.util.RequestPart.Value]]]]` . Also the latest previous version of silhouette I used had implementations for InMemoryAuthInfo, this version does not. – tzortzik Jun 15 '16 at 21:24
  • I am not sure what that means. – tzortzik Jun 15 '16 at 21:25

2 Answers2

9

I solved a similar problem. I added this line.

/** SilhouetteModule.scala */

import net.ceedubs.ficus.readers.EnumerationReader._

Hope it helps :D

kenjihsmt
  • 91
  • 2
  • Still getting the same error on `SilhouetteModule.scala:192: Cannot generate a config value reader for type Option[Option[Seq[com.mohiva.play.silhouette.api.util.RequestPart.Value]]], because value readers cannot be auto-generated for types with type parameters. Consider defining your own ValueReader[Option[Option[Seq[com.mohiva.play.silhouette.api.util.RequestPart.Va‌​lue]]]]`. It says that the problem may be cause by the parameter of `configuration.underlying.as[JWTAuthenticatorSettings]("silhouette.authenticator")` – tzortzik Jun 28 '16 at 05:30
2

I know this is too late. But, it may help someone. the solution is to make your own class that extends DelegableAuthInfoDAO. as commented in the SilhouetteModule, it is using InMemmoryAuthInfoDAO class by default.

// Replace this with the bindings to your concrete DAOs
bind[DelegableAuthInfoDAO[GoogleTotpInfo]].toInstance(new InMemoryAuthInfoDAO[GoogleTotpInfo])
// this line has been changed to persist passwords in a DB
bind[DelegableAuthInfoDAO[PasswordInfo]].toInstance(new DBAuthDAO)
// this line has been changed to persist passwords in a DB
bind[DelegableAuthInfoDAO[OAuth1Info]].toInstance(new InMemoryAuthInfoDAO[OAuth1Info])
bind[DelegableAuthInfoDAO[OAuth2Info]].toInstance(new InMemoryAuthInfoDAO[OAuth2Info])
bind[DelegableAuthInfoDAO[OpenIDInfo]].toInstance(new InMemoryAuthInfoDAO[OpenIDInfo])

this code block is located in SilhouetteModule.scala

yasha
  • 21
  • 1
  • 4