Module: HttpBasicAuthentication::Patches::ApplicationControllerPatch

Extended by:

ActiveSupport::Concern

Defined in:

lib/http_basic_authentication/patches/application_controller_patch.rb

Overview

This module patches the default authentication system by using HTTP Basic Authorization headers fields to login users or create them if necessary.

Instance Method Summary

• #try_to_autologin_with_http_basic ⇒ Object

  We hijack the autologin method as this the HTTP Basic authorization is a kind of auto login system which created users on the fly.

Instance Method Details

#try_to_autologin_with_http_basic ⇒ Object

We hijack the autologin method as this the HTTP Basic authorization is a kind of auto login system which created users on the fly.

# File 'lib/http_basic_authentication/patches/application_controller_patch.rb', line 15

def try_to_autologin_with_http_basic
  if http_authorization?
    authenticate_with_http_basic do |username, _password|
      logger.info "Successful authentication for '#{username}'" \
        "from #{request.remote_ip} at #{Time.now.utc}"
      self.logged_user = User.find_by_login(username) ||
        create_http_authorization_user(username)
    end
  else
    try_to_autologin_without_http_basic
  end
end