Class: Warden::Proxy

Inherits:
Object
  • Object
show all
Extended by:
Forwardable
Includes:
Mixins::Common
Defined in:
lib/warden/proxy.rb,
lib/warden/errors.rb

Defined Under Namespace

Classes: Errors

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Mixins::Common

#params, #request, #reset_session!

Constructor Details

#initialize(env, config = {}) ⇒ Proxy

:nodoc:



19
20
21
22
23
24
25
 
# File 'lib/warden/proxy.rb', line 19

def initialize(env, config = {}) # :nodoc:
  @env = env
  @config = config
  @strategies = @config.fetch(:default_strategies, [])
  @users = {}
  errors # setup the error object in the session
end

Instance Attribute Details

#envObject (readonly)

An accessor to the rack env hash :api: public



11
12
13
 
# File 'lib/warden/proxy.rb', line 11

def env
  @env
end

#winning_strategyObject

:api: private



7
8
9
 
# File 'lib/warden/proxy.rb', line 7

def winning_strategy
  @winning_strategy
end

Instance Method Details

#authenticate(*args) ⇒ Object

Run the authentiation strategies for the given strategies. If there is already a user logged in for a given scope, the strategies are not run This does not halt the flow of control and is a passive attempt to authenticate only When scope is not specified, :default is assumed.

Parameters:

args - a list of symbols (labels) that name the strategies to attempt
opts - an options hash that contains the :scope of the user to check

Example:

env['auth'].authenticate(:password, :basic, :scope => :sudo)

:api: public



63
64
65
66
 
# File 'lib/warden/proxy.rb', line 63

def authenticate(*args)
  scope, opts = _perform_authentication(*args)
  user(scope)
end

#authenticate!(*args) ⇒ Object

The same as authenticate except on failure it will throw an :warden symbol causing the request to be halted and rendered through the failure_app

Example

env['warden'].authenticate!(:password, :scope => :publisher) # throws if it cannot authenticate

:api: public



75
76
77
78
79
 
# File 'lib/warden/proxy.rb', line 75

def authenticate!(*args)
  scope, opts = _perform_authentication(*args)
  throw(:warden, opts.merge(:action => :unauthenticated)) if !user(scope)
  user(scope)
end

#authenticated?(scope = :default) ⇒ Boolean

Check to see if there is an authenticated user for the given scope. When scope is not specified, :default is assumed. This will not try to reconstitute the user from the session and will simply check for the existance of a session key

Parameters:

scope - the scope to check for authentication.  Defaults to :default

Example:

env['warden'].authenticated?(:admin)

:api: public

Returns:

  • (Boolean) 


38
39
40
41
42
 
# File 'lib/warden/proxy.rb', line 38

def authenticated?(scope = :default)
  result = !!user(scope)
  yield if block_given? && result
  result
end

#custom_failure!Object

Provides a way to return a 401 without warden defering to the failure app The result is a direct passthrough of your own response :api: public



191
192
193
 
# File 'lib/warden/proxy.rb', line 191

def custom_failure!
  @custom_failure = true
end

#custom_failure?Boolean

Check to see if the custom failur flag has been set :api: public

Returns:

  • (Boolean) 


197
198
199
 
# File 'lib/warden/proxy.rb', line 197

def custom_failure?
  !!@custom_failure
end

#errorsObject

:api: public



5
6
7
 
# File 'lib/warden/errors.rb', line 5

def errors
  @env['warden.errors'] ||= Errors.new
end

#logout(*scopes) ⇒ Object

Provides logout functionality. The logout also manages any authenticated data storage and clears it when a user logs out.

Parameters:

scopes - a list of scopes to logout

Example:

# Logout everyone and clear the session
env['warden'].logout

# Logout the default user but leave the rest of the session alone
env['warden'].logout(:default)

# Logout the :publisher and :admin user
env['warden'].logout(:publisher, :admin)

:api: public



157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
 
# File 'lib/warden/proxy.rb', line 157

def logout(*scopes)
  # Run before_logout hooks for each scoped user
  @users.each do |scope, user|
    next unless scopes.empty? || scopes.include?(scope)
    Warden::Manager._before_logout.each { |hook| hook.call(user, self, scope) }
  end

  if scopes.empty?
    reset_session!
    @users.clear
  else
    scopes.each do |s|
      raw_session["warden.user.#{s}.key"] = nil
      raw_session["warden.user.#{s}.session"] = nil
      @users.delete(s)
    end
  end
end

#messageObject

Proxy through to the authentication strategy to find out the message that was generated. :api: public



184
185
186
 
# File 'lib/warden/proxy.rb', line 184

def message
  winning_strategy.nil? ? "" : winning_strategy.message
end

#resultObject

proxy methods through to the winning strategy :api: private



178
179
180
 
# File 'lib/warden/proxy.rb', line 178

def result # :nodoc:
  winning_strategy.nil? ? nil : winning_strategy.result
end

#session(scope = :default) ⇒ Object

Provides a scoped session data for authenticated users. Warden manages clearing out this data when a user logs out

Example

# default scope
env['warden'].session[:foo] = "bar"

# :sudo scope
env['warden'].session(:sudo)[:foo] = "bar"

:api: public

Raises:



135
136
137
138
 
# File 'lib/warden/proxy.rb', line 135

def session(scope = :default)
  raise NotAuthenticated, "#{scope.inspect} user is not logged in" unless authenticated?(scope)
  raw_session["warden.user.#{scope}.session"] ||= {}
end

#set_user(user, opts = {}) ⇒ Object

Manually set the user into the session and auth proxy

Parameters:

user - An object that has been setup to serialize into and out of the session.
opts - An options hash.  Use the :scope option to set the scope of the user, set the :store option to false to skip serializing into the session.

:api: public



99
100
101
102
103
104
105
106
107
 
# File 'lib/warden/proxy.rb', line 99

def set_user(user, opts = {})
  scope = (opts[:scope] ||= :default)
  Warden::Manager._store_user(user, raw_session, scope) unless opts[:store] == false# Get the user into the session

  # Run the after hooks for setting the user
  Warden::Manager._after_set_user.each{|hook| hook.call(user, self, opts)}

  @users[scope] = user # Store the user in the proxy user object
end

#stored_in_session?(scope = :default) ⇒ Boolean

Checks if the given scope is stored in session. Different from authenticated?, this method does not serialize values from session.

Example

env['warden'].set_user(@user)
env['warden'].stored_in_session? #=> true

:api: public

Returns:

  • (Boolean) 


89
90
91
 
# File 'lib/warden/proxy.rb', line 89

def stored_in_session?(scope = :default)
  !!raw_session["warden.user.#{scope}.key"]
end

#unauthenticated?(scope = :default) ⇒ Boolean

Same API as authenticated, but returns false when authenticated.

Returns:

  • (Boolean) 


45
46
47
48
49
 
# File 'lib/warden/proxy.rb', line 45

def unauthenticated?(scope = :default)
  result = !authenticated?(scope)
  yield if block_given? && result
  result
end

#user(scope = :default) ⇒ Object

Provides acccess to the user object in a given scope for a request. will be nil if not logged in

Example:

# without scope (default user)
env['warden'].user

# with scope
env['warden'].user(:admin)

:api: public



120
121
122
 
# File 'lib/warden/proxy.rb', line 120

def user(scope = :default)
  @users[scope] ||= lookup_user_from_session(scope)
end