Class: Warden::Proxy
- Inherits:
-
Object
- Object
- Warden::Proxy
- Extended by:
- Forwardable
- Includes:
- Mixins::Common
- Defined in:
- lib/warden/proxy.rb,
lib/warden/errors.rb
Defined Under Namespace
Classes: Errors
Instance Attribute Summary collapse
-
#env ⇒ Object
readonly
An accessor to the rack env hash :api: public.
-
#winning_strategy ⇒ Object
:api: private.
Instance Method Summary collapse
-
#authenticate(*args) ⇒ Object
Run the authentiation strategies for the given strategies.
-
#authenticate!(*args) ⇒ Object
The same as
authenticate
except on failure it will throw an :warden symbol causing the request to be halted and rendered through thefailure_app
. -
#authenticated?(scope = :default) ⇒ Boolean
Check to see if there is an authenticated user for the given scope.
-
#custom_failure! ⇒ Object
Provides a way to return a 401 without warden defering to the failure app The result is a direct passthrough of your own response :api: public.
-
#custom_failure? ⇒ Boolean
Check to see if the custom failur flag has been set :api: public.
-
#errors ⇒ Object
:api: public.
-
#initialize(env, config = {}) ⇒ Proxy
constructor
:nodoc:.
-
#logout(*scopes) ⇒ Object
Provides logout functionality.
-
#message ⇒ Object
Proxy through to the authentication strategy to find out the message that was generated.
-
#result ⇒ Object
proxy methods through to the winning strategy :api: private.
-
#session(scope = :default) ⇒ Object
Provides a scoped session data for authenticated users.
-
#set_user(user, opts = {}) ⇒ Object
Manually set the user into the session and auth proxy.
-
#stored_in_session?(scope = :default) ⇒ Boolean
Checks if the given scope is stored in session.
-
#unauthenticated?(scope = :default) ⇒ Boolean
Same API as authenticated, but returns false when authenticated.
-
#user(scope = :default) ⇒ Object
Provides acccess to the user object in a given scope for a request.
Methods included from Mixins::Common
#params, #request, #reset_session!
Constructor Details
#initialize(env, config = {}) ⇒ Proxy
:nodoc:
19 20 21 22 23 24 25 |
# File 'lib/warden/proxy.rb', line 19 def initialize(env, config = {}) # :nodoc: @env = env @config = config @strategies = @config.fetch(:default_strategies, []) @users = {} errors # setup the error object in the session end |
Instance Attribute Details
#env ⇒ Object (readonly)
An accessor to the rack env hash :api: public
11 12 13 |
# File 'lib/warden/proxy.rb', line 11 def env @env end |
#winning_strategy ⇒ Object
:api: private
7 8 9 |
# File 'lib/warden/proxy.rb', line 7 def winning_strategy @winning_strategy end |
Instance Method Details
#authenticate(*args) ⇒ Object
Run the authentiation strategies for the given strategies. If there is already a user logged in for a given scope, the strategies are not run This does not halt the flow of control and is a passive attempt to authenticate only When scope is not specified, :default is assumed.
Parameters:
args - a list of symbols (labels) that name the strategies to attempt
opts - an options hash that contains the :scope of the user to check
Example:
env['auth'].authenticate(:password, :basic, :scope => :sudo)
:api: public
63 64 65 66 |
# File 'lib/warden/proxy.rb', line 63 def authenticate(*args) scope, opts = _perform_authentication(*args) user(scope) end |
#authenticate!(*args) ⇒ Object
The same as authenticate
except on failure it will throw an :warden symbol causing the request to be halted and rendered through the failure_app
Example
env['warden'].authenticate!(:password, :scope => :publisher) # throws if it cannot authenticate
:api: public
75 76 77 78 79 |
# File 'lib/warden/proxy.rb', line 75 def authenticate!(*args) scope, opts = _perform_authentication(*args) throw(:warden, opts.merge(:action => :unauthenticated)) if !user(scope) user(scope) end |
#authenticated?(scope = :default) ⇒ Boolean
Check to see if there is an authenticated user for the given scope. When scope is not specified, :default is assumed. This will not try to reconstitute the user from the session and will simply check for the existance of a session key
Parameters:
scope - the scope to check for authentication. Defaults to :default
Example:
env['warden'].authenticated?(:admin)
:api: public
38 39 40 41 42 |
# File 'lib/warden/proxy.rb', line 38 def authenticated?(scope = :default) result = !!user(scope) yield if block_given? && result result end |
#custom_failure! ⇒ Object
Provides a way to return a 401 without warden defering to the failure app The result is a direct passthrough of your own response :api: public
191 192 193 |
# File 'lib/warden/proxy.rb', line 191 def custom_failure! @custom_failure = true end |
#custom_failure? ⇒ Boolean
Check to see if the custom failur flag has been set :api: public
197 198 199 |
# File 'lib/warden/proxy.rb', line 197 def custom_failure? !!@custom_failure end |
#errors ⇒ Object
:api: public
5 6 7 |
# File 'lib/warden/errors.rb', line 5 def errors @env['warden.errors'] ||= Errors.new end |
#logout(*scopes) ⇒ Object
Provides logout functionality. The logout also manages any authenticated data storage and clears it when a user logs out.
Parameters:
scopes - a list of scopes to logout
Example:
# Logout everyone and clear the session
env['warden'].logout
# Logout the default user but leave the rest of the session alone
env['warden'].logout(:default)
# Logout the :publisher and :admin user
env['warden'].logout(:publisher, :admin)
:api: public
157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 |
# File 'lib/warden/proxy.rb', line 157 def logout(*scopes) # Run before_logout hooks for each scoped user @users.each do |scope, user| next unless scopes.empty? || scopes.include?(scope) Warden::Manager._before_logout.each { |hook| hook.call(user, self, scope) } end if scopes.empty? reset_session! @users.clear else scopes.each do |s| raw_session["warden.user.#{s}.key"] = nil raw_session["warden.user.#{s}.session"] = nil @users.delete(s) end end end |
#message ⇒ Object
Proxy through to the authentication strategy to find out the message that was generated. :api: public
184 185 186 |
# File 'lib/warden/proxy.rb', line 184 def winning_strategy.nil? ? "" : winning_strategy. end |
#result ⇒ Object
proxy methods through to the winning strategy :api: private
178 179 180 |
# File 'lib/warden/proxy.rb', line 178 def result # :nodoc: winning_strategy.nil? ? nil : winning_strategy.result end |
#session(scope = :default) ⇒ Object
Provides a scoped session data for authenticated users. Warden manages clearing out this data when a user logs out
Example
# default scope
env['warden'].session[:foo] = "bar"
# :sudo scope
env['warden'].session(:sudo)[:foo] = "bar"
:api: public
135 136 137 138 |
# File 'lib/warden/proxy.rb', line 135 def session(scope = :default) raise NotAuthenticated, "#{scope.inspect} user is not logged in" unless authenticated?(scope) raw_session["warden.user.#{scope}.session"] ||= {} end |
#set_user(user, opts = {}) ⇒ Object
Manually set the user into the session and auth proxy
Parameters:
user - An object that has been setup to serialize into and out of the session.
opts - An options hash. Use the :scope option to set the scope of the user, set the :store option to false to skip serializing into the session.
:api: public
99 100 101 102 103 104 105 106 107 |
# File 'lib/warden/proxy.rb', line 99 def set_user(user, opts = {}) scope = (opts[:scope] ||= :default) Warden::Manager._store_user(user, raw_session, scope) unless opts[:store] == false# Get the user into the session # Run the after hooks for setting the user Warden::Manager._after_set_user.each{|hook| hook.call(user, self, opts)} @users[scope] = user # Store the user in the proxy user object end |
#stored_in_session?(scope = :default) ⇒ Boolean
Checks if the given scope is stored in session. Different from authenticated?, this method does not serialize values from session.
Example
env['warden'].set_user(@user)
env['warden'].stored_in_session? #=> true
:api: public
89 90 91 |
# File 'lib/warden/proxy.rb', line 89 def stored_in_session?(scope = :default) !!raw_session["warden.user.#{scope}.key"] end |
#unauthenticated?(scope = :default) ⇒ Boolean
Same API as authenticated, but returns false when authenticated.
45 46 47 48 49 |
# File 'lib/warden/proxy.rb', line 45 def unauthenticated?(scope = :default) result = !authenticated?(scope) yield if block_given? && result result end |
#user(scope = :default) ⇒ Object
Provides acccess to the user object in a given scope for a request. will be nil if not logged in
Example:
# without scope (default user)
env['warden'].user
# with scope
env['warden'].user(:admin)
:api: public
120 121 122 |
# File 'lib/warden/proxy.rb', line 120 def user(scope = :default) @users[scope] ||= lookup_user_from_session(scope) end |