Module: Useless::Rack::Middleware::Authentication::AccessToken
- Included in:
- QueryString, RequestHeader
- Defined in:
- lib/useless/rack/middleware/authentication/access_token.rb
Overview
The ‘Authentication::AccessToken` module defines the behavior for access- token-based authentication middleware. The middlewares are responsible only for providing the access token via the `#access_token_for_env` method.
Instance Method Summary collapse
Instance Method Details
#call(env) ⇒ Object
14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# File 'lib/useless/rack/middleware/authentication/access_token.rb', line 14 def call(env) # If we don't already have a user set in the environment, unless env['useless.user'] # check to see if an access token was specified. if access_token = access_token_for_env(env) # If so, and a corresponding user can be found, if user = env['useless.mongo']['users'].find_one('access_token' => access_token) # set 'useless.user' in the environment. env['useless.user'] = user else # Otherwise, return a 401 Unauthorized. return [401, {'Content-Type' => 'text/plain'}, ["Invalid access token: #{access_token}"]] end end end @app.call(env) end |
#initialize(app) ⇒ Object
10 11 12 |
# File 'lib/useless/rack/middleware/authentication/access_token.rb', line 10 def initialize(app) @app = app end |