Description

Rack middleware that authenticates requests with matching username and password

Prerequisites

rack 1.0.0 or later

Usage

use “Rack::Auth::Cheat”, “user_field”, “password_field”

Default Fields

The default user field is “username”. The default password field is “password”.

Details

The rack-auth-cheat library provides a Rack middleware interface which authenticates any request with a matching username and password. This is useful in development environments, especially as a way to stub out an external authentication system. Be sure to include this from an environment-specific file such as config/environments/development.rb rather than from a global configuration file such as config/environment.rb

The call method we’ve defined first checks to see if the AUTH_USER environment variable is set. If it is, we assume that the user has already been authenticated and move on.

If AUTH_USER is not set, and AUTH_FAIL is not set, we then check whether the username and password match (the “Cheat” authentication method). If they match, AUTH_USER is set to the username.

If they don’t match then the request is passed on without modification. AUTH_FAIL will not be set by this class.

It up to the application to check for the presence of AUTH_USER and/or AUTH_FAIL and act as necessary.

Authors

Daniel Berger Charlie O’Keefe