Class: Warden::Manager

Inherits:

Object

• Object
• Warden::Manager

Defined in:

lib/warden/manager.rb,
lib/warden/authentication/hooks.rb

Overview

The middleware for Rack Authentication The middlware requires that there is a session upstream The middleware injects an authentication object into the rack environment hash

Instance Attribute Summary

• #config ⇒ Object

  Returns the value of attribute config.

• #failure_app ⇒ Object

  Returns the value of attribute failure_app.

Class Method Summary

• ._after_authentication ⇒ Object

  Provides access to the array of after_authentication blocks :api: private.

• ._after_set_user ⇒ Object

  Provides access to the array of after_set_user blocks to run :api: private.

• ._before_failure ⇒ Object

  Provides access to the callback array for before_failure :api: private.

• ._before_logout ⇒ Object

  Provides access to the callback array for before_logout :api: private.

• ._fetch_user(session, scope = :default) ⇒ Object

  Does the work of fetching the user from the session :api: private.

• ._store_user(user, session, scope = :default) ⇒ Object

  Does the work of storing the user in the session :api: private.

• .after_authentication(&block) ⇒ Object

  A callback hook set to run after the first authentiation of a session.

• .after_set_user(&block) ⇒ Object

  A callback hook set to run every time after a user is set.

• .before_failure(&block) ⇒ Object

  A callback that runs just prior to the failur application being called.

• .before_logout(&block) ⇒ Object

  A callback that runs just prior to the logout of each scope.

• .serialize_from_session(&blk) ⇒ Object

  Reconstitues the user from the session.

• .serialize_into_session(&block) ⇒ Object

  Prepares the user to serialize into the session.

Instance Method Summary

• #call(env) ⇒ Object

  :api: private.

• #default_strategies(*strategies) ⇒ Object

  Set the default strategies to use.

• #initialize(app, config = {}) {|_self| ... } ⇒ Manager constructor

  initialize the middleware.

• #silence_missing_strategies! ⇒ Object

  Do not raise an error if a missing strategy is given by default.

Constructor Details

#initialize(app, config = {}) {|_self| ... } ⇒ Manager

initialize the middleware. Provide a :failure_app in the options to setup an application to run when there is a failure The manager is yielded when initialized with a block. This is useful when declaring it in Rack::Builder :api: public

Yields:

• (_self)

Yield Parameters:

• _self (Warden::Manager) —

  the object that the method was called on

# File 'lib/warden/manager.rb', line 14

def initialize(app, config = {})
  @app = app
  @config = config
  yield self if block_given?

  # Should ensure there is a failure application defined.
  @failure_app = config[:failure_app] if config[:failure_app]
  raise "No Failure App provided" unless @failure_app
  self
end

Instance Attribute Details

#config ⇒ Object

Returns the value of attribute config.

# File 'lib/warden/manager.rb', line 8

def config
  @config
end

#failure_app ⇒ Object

Returns the value of attribute failure_app.

# File 'lib/warden/manager.rb', line 8

def failure_app
  @failure_app
end

Class Method Details

._after_authentication ⇒ Object

Provides access to the array of after_authentication blocks :api: private

# File 'lib/warden/authentication/hooks.rb', line 63

def _after_authentication
  @_after_authentication ||= []
end

._after_set_user ⇒ Object

Provides access to the array of after_set_user blocks to run :api: private

# File 'lib/warden/authentication/hooks.rb', line 35

def _after_set_user # :nodoc:
  @_after_set_user ||= []
end

._before_failure ⇒ Object

Provides access to the callback array for before_failure :api: private

# File 'lib/warden/authentication/hooks.rb', line 92

def _before_failure
  @_before_failure ||= []
end

._before_logout ⇒ Object

Provides access to the callback array for before_logout :api: private

# File 'lib/warden/authentication/hooks.rb', line 117

def _before_logout
  @_before_logout ||= []
end

._fetch_user(session, scope = :default) ⇒ Object

Does the work of fetching the user from the session :api: private

# File 'lib/warden/manager.rb', line 76

def _fetch_user(session, scope = :default) # :nodoc:
  key = session["warden.user.#{scope}.key"]
  return nil unless key
  serialize_from_session.call(key)
end

._store_user(user, session, scope = :default) ⇒ Object

Does the work of storing the user in the session :api: private

# File 'lib/warden/manager.rb', line 69

def _store_user(user, session, scope = :default) # :nodoc:
  return nil unless user
  session["warden.user.#{scope}.key"] = serialize_into_session.call(user)
end

.after_authentication(&block) ⇒ Object

A callback hook set to run after the first authentiation of a session. This will only happenwhen the session is first authenticated

Parameters: <block> A block to contain logic for the callback

Block Parameters: |user, auth, opts|
  user - The user object that is being set
  auth - The raw authentication proxy object.
  opts - any options passed into the authenticate call includeing :scope

Example:

Warden::Manager.after_authentication do |user, auth, opts|
  throw(:warden, opts) unless user.active?
end

:api: public

Raises:

• (BlockNotGiven)

# File 'lib/warden/authentication/hooks.rb', line 56

def after_authentication(&block)
  raise BlockNotGiven unless block_given?
  _after_authentication << block
end

.after_set_user(&block) ⇒ Object

A callback hook set to run every time after a user is set. This will happen the first time the user is either authenticated, accessed or manually set during a request. You can supply as many hooks as you like, and they will be run in order of decleration

Parameters: <block> A block where you can set arbitrary logic to run every time a user is set

Block Parameters: |user, auth, opts|
  user - The user object that is being set
  auth - The raw authentication proxy object.
  opts - any options passed into the set_user call includeing :scope

Example:

Warden::Manager.after_set_user do |user,auth,opts|
  scope = opts[:scope]
  if auth.session["#{scope}.last_access"].to_i > (Time.now - 5.minutes)
    auth.logout(scope)
    throw(:warden, :scope => scope, :reason => "Times Up")
  end
  auth.session["#{scope}.last_access"] = Time.now
end

:api: public

Raises:

• (BlockNotGiven)

# File 'lib/warden/authentication/hooks.rb', line 28

def after_set_user(&block)
  raise BlockNotGiven unless block_given?
  _after_set_user << block
end

.before_failure(&block) ⇒ Object

A callback that runs just prior to the failur application being called. This callback occurs after PATH_INFO has been modified for the failure (default /unauthenticated) In this callback you can mutate the environment as required by the failure application If a Rails controller were used for the failure_app for example, you would need to set request[:action] = :unauthenticated

Parameters: <block> A block to contain logic for the callback

Block Parameters: |user, auth, opts|
  env - The rack env hash
  opts - any options passed into the authenticate call includeing :scope

Example:

Warden::Manager.before_failure do |env, opts|
  params = Rack::Request.new(env).params
  params[:action] = :unauthenticated
  params[:warden_failure] = opts
end

:api: public

# File 'lib/warden/authentication/hooks.rb', line 86

def before_failure(&block)
  _before_failure << block
end

.before_logout(&block) ⇒ Object

A callback that runs just prior to the logout of each scope.

Parameters: <block> A block to contain logic for the callback

Block Parameters: |user, auth, scope|
  user - The authenticated user for the current scope
  auth - The warden proxy object
  scope - current logout scope

Example:

Warden::Manager.before_logout do |user, auth, scope|
  user.forget_me!
end

:api: public

# File 'lib/warden/authentication/hooks.rb', line 111

def before_logout(&block)
  _before_logout << block
end

.serialize_from_session(&blk) ⇒ Object

Reconstitues the user from the session. Use the results of user_session_key to reconstitue the user from the session on requests after the initial login

Example:

Warden::Manager.serialize_from_session{ |id| User.get(id) }

:api: public

# File 'lib/warden/manager.rb', line 103

def serialize_from_session(&blk)
  @serialize_from_session = blk if block_given?
  @serialize_from_session ||= lambda{|key| key}
end

.serialize_into_session(&block) ⇒ Object

Prepares the user to serialize into the session. Any object that can be serialized into the session in some way can be used as a “user” object Generally however complex object should not be stored in the session. If possible store only a “key” of the user object that will allow you to reconstitute it.

Example:

Warden::Manager.serialize_into_session{ |user| user.id }

:api: public

# File 'lib/warden/manager.rb', line 91

def serialize_into_session(&block)
  @serialize_into_session = block if block_given?
  @serialize_into_session ||= lambda{|user| user}
end

Instance Method Details

#call(env) ⇒ Object

:api: private

# File 'lib/warden/manager.rb', line 42

def call(env) # :nodoc:
  # if this is downstream from another warden instance, don't do anything.
  return @app.call(env) unless env['warden'].nil?

  env['warden'] = Proxy.new(env, @config)
  result = catch(:warden) do
    @app.call(env)
  end

  result ||= {}
  case result
  when Array
    if result.first != 401
      return result
    else
      process_unauthenticated({:original_response => result, :action => :unauthenticated}, env)
    end
  when Hash
    result[:action] ||= :unauthenticated
    process_unauthenticated(result, env)
  end
end

#default_strategies(*strategies) ⇒ Object

Set the default strategies to use. :api: public

# File 'lib/warden/manager.rb', line 33

def default_strategies(*strategies)
  if strategies.empty?
    @config[:default_strategies]
  else
    @config[:default_strategies] = strategies.flatten
  end
end

#silence_missing_strategies! ⇒ Object

Do not raise an error if a missing strategy is given by default. :api: plugin

# File 'lib/warden/manager.rb', line 27

def silence_missing_strategies!
  @config[:silence_missing_strategies] = true
end