Module: ActionController::HttpAuthentication::Basic::ControllerMethods

Extended by:
ActiveSupport::Concern
Defined in:
lib/action_controller/metal/http_authentication.rb

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary collapse

Instance Method Details

#authenticate_or_request_with_http_basic(realm = nil, message = nil, &login_procedure) ⇒ Object



92
93
94
# File 'lib/action_controller/metal/http_authentication.rb', line 92

def authenticate_or_request_with_http_basic(realm = nil, message = nil, &)
  authenticate_with_http_basic(&) || request_http_basic_authentication(realm || "Application", message)
end

#authenticate_with_http_basic(&login_procedure) ⇒ Object



96
97
98
# File 'lib/action_controller/metal/http_authentication.rb', line 96

def authenticate_with_http_basic(&)
  HttpAuthentication::Basic.authenticate(request, &)
end

#http_basic_authenticate_or_request_with(name:, password:, realm: nil, message: nil) ⇒ Object



83
84
85
86
87
88
89
90
# File 'lib/action_controller/metal/http_authentication.rb', line 83

def http_basic_authenticate_or_request_with(name:, password:, realm: nil, message: nil)
  authenticate_or_request_with_http_basic(realm, message) do |given_name, given_password|
    # This comparison uses & so that it doesn't short circuit and
    # uses `secure_compare` so that length information isn't leaked.
    ActiveSupport::SecurityUtils.secure_compare(given_name.to_s, name) &
      ActiveSupport::SecurityUtils.secure_compare(given_password.to_s, password)
  end
end

#request_http_basic_authentication(realm = "Application", message = nil) ⇒ Object



100
101
102
# File 'lib/action_controller/metal/http_authentication.rb', line 100

def request_http_basic_authentication(realm = "Application", message = nil)
  HttpAuthentication::Basic.authentication_request(self, realm, message)
end