Module: Authentication

Included in:

Page

Defined in:

lib/yodel/request/authentication.rb

Overview

some of the basic auth code taken from an inspired by rack/auth/basic

Constant Summary

AUTHORIZATION_KEYS =

['HTTP_AUTHORIZATION', 'X-HTTP_AUTHORIZATION', 'X_HTTP_AUTHORIZATION']

Instance Method Summary

• #current_user(auth_type = nil) ⇒ Object
• #logged_in?(auth_type = nil) ⇒ Boolean
• #login(credentials) ⇒ Object
• #logout ⇒ Object
• #prompt_login(auth_type = nil) ⇒ Object
• #store_authenticated_user(user) ⇒ Object

Instance Method Details

#current_user(auth_type = nil) ⇒ Object

# File 'lib/yodel/request/authentication.rb', line 9

def current_user(auth_type=nil)
  unless defined?(@current_user)
    @current_user = nil
    auth_type ||= mime_type.auth_type
    
    if auth_type == :page || session['current_user_id']
      @current_user = site.users.find(session['current_user_id'])
      session.delete('current_user_id') if @current_user.nil?
      
    elsif auth_type == :basic
      unless authorization_key.nil? || !basic?
        user = site.users.first(username: credentials.first)
        @current_user = user if user.try(:passwords_match?, credentials.last)
      end
    end
  end
  @current_user
end

#logged_in?(auth_type = nil) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/yodel/request/authentication.rb', line 5

def logged_in?(auth_type=nil)
  !current_user(auth_type).nil?
end

#login(credentials) ⇒ Object

# File 'lib/yodel/request/authentication.rb', line 42

def login(credentials)
  password = credentials.delete('password')
  user = site.users.first(credentials)
  if user && user.passwords_match?(password)
    store_authenticated_user(user)
  end
  !@current_user.nil?
end

#logout ⇒ Object

# File 'lib/yodel/request/authentication.rb', line 51

def logout
  session.delete('current_user_id')
end

#prompt_login(auth_type = nil) ⇒ Object

# File 'lib/yodel/request/authentication.rb', line 28

def prompt_login(auth_type=nil)
  auth_type ||= mime_type.auth_type
  case auth_type
  when :page
    session[:redirect_to_after_login] = self.path
    response.redirect site.login_pages.first.path
  when :basic
    response['Content-Type'] = 'text/plain'
    response['WWW-Authenticate'] = "Basic realm=\"#{title}\""
    response.status = 401
    response.body = []
  end
end

#store_authenticated_user(user) ⇒ Object

# File 'lib/yodel/request/authentication.rb', line 55

def store_authenticated_user(user)
  session['current_user_id'] = user.id
  @current_user = user
end