Class: CapyDash::Auth

Inherits:
Object
  • Object
Defined in:
lib/capydash/auth.rb

Class Method Summary collapse

Class Method Details

.auth_enabled? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/capydash/auth.rb', line 71

# Reports whether dashboard authentication is switched on.
#
# The answer comes straight from the global CapyDash configuration object;
# nothing is cached here, so every call re-reads the current setting.
#
# @return [Boolean] whatever CapyDash.config.auth_enabled? reports
def auth_enabled?
  settings = CapyDash.config
  settings.auth_enabled?
end

.authenticate(username, password) ⇒ Object



# File 'lib/capydash/auth.rb', line 7

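# Checks a username/password pair and issues a session token on success.
#
# Both arguments are treated as untrusted input.
#
# @param username [String] login name supplied by the client
# @param password [String] password supplied by the client
# @return [String, nil, false] the token from generate_token on success,
#   nil when the credentials are rejected, false when authentication is
#   disabled in the configuration
def authenticate(username, password)
  return false unless auth_enabled?

  # Simple hardcoded credentials for MVP
  # In production, this would connect to a proper user database
  # NOTE(review): these passwords ship in source and are identical for every
  # installation. Treat them as already disclosed: move them to configuration
  # or a secret store (stored as password hashes) before any non-local use.
  valid_credentials = {
    'admin' => 'capydash123',
    'developer' => 'test123',
    'viewer' => 'readonly123'
  }.freeze

  expected = valid_credentials[username]

  # An unknown username looks up to nil, and `nil == nil` would accept an
  # unknown user who sends no password. Require a known user and a String
  # password before comparing anything.
  authenticated = false
  if expected && password.is_a?(String)
    # Fold over every byte instead of using ==, so the comparison does not
    # stop at the first mismatching byte.
    diff = expected.bytesize ^ password.bytesize
    expected.each_byte.with_index do |byte, index|
      diff |= byte ^ (password.getbyte(index) || 0)
    end
    authenticated = diff.zero?
  end

  if authenticated
    token = generate_token(username)
    Logger.info("User authenticated", {
      username: username,
      token: token[0..8] + "..."
    })
    token
  else
    # NOTE(review): username is attacker-controlled here; confirm the logger
    # escapes control characters before it reaches a log file.
    Logger.warn("Authentication failed", {
      username: username,
      ip: current_ip
    })
    nil
  end
end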

.require_auth! ⇒ Object



# File 'lib/capydash/auth.rb', line 75

# Placeholder for the access check that middleware or controllers would call.
#
# NOTE(review): this method returns true on every path, whether or not
# authentication is enabled, and it never looks at a token. Calling it does
# not protect a route; callers must check validate_token themselves until a
# real check is implemented here.
#
# @return [true] always
def require_auth!
  if auth_enabled?
    # This would be called by middleware or controllers
    # For now, just return true
    true
  else
    true
  end
end

.validate_token(token) ⇒ Object



# File 'lib/capydash/auth.rb', line 34

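# Validates a session token and returns the username it was issued to.
#
# The token is Base64 of "username:timestamp:signature". The signature is
# recomputed with generate_signature(username, timestamp) and must match,
# and the timestamp (epoch seconds) must be less than 24 hours old.
#
# @param token [String, nil] token presented by the client (untrusted)
# @return [String, false] the username on success; false when auth is
#   disabled, the token is malformed, the signature does not match, the token
#   has expired, or an error was raised while checking it
def validate_token(token)
  return false unless auth_enabled?
  # Reject non-String input up front; calling #length on an arbitrary object
  # would raise before the rescue below is in effect.
  return false unless token.is_a?(String) && token.length > 10

  # Simple token validation for MVP
  # In production, this would use JWT or similar
  begin
    # NOTE(review): decode64 is lenient about malformed Base64, so several
    # token strings can decode to the same bytes. Consider strict decoding if
    # generate_token emits strict Base64; confirm against that method.
    decoded = Base64.decode64(token)
    parts = decoded.split(':')
    return false unless parts.length == 3

    username, timestamp, signature = parts
    expected_signature = generate_signature(username, timestamp)

    # Compare the signature over every byte instead of with ==, so response
    # timing does not reveal how many leading bytes of a guess were correct.
    signature_ok = false
    if expected_signature.is_a?(String)
      diff = expected_signature.bytesize ^ signature.bytesize
      expected_signature.each_byte.with_index do |byte, index|
        diff |= byte ^ (signature.getbyte(index) || 0)
      end
      signature_ok = diff.zero?
    end

    unless signature_ok
      Logger.warn("Invalid token signature", { token: token[0..8] + "..." })
      return false
    end

    # Check if token is not expired (24 hours)
    # NOTE(review): a timestamp in the future gives a negative age and passes
    # this check. The signature covers the timestamp, so this only matters if
    # the signing secret leaks or the issuing clock is wrong.
    token_time = Time.at(timestamp.to_i)
    if Time.now - token_time < 24 * 60 * 60
      Logger.debug("Token validated", { username: username })
      username
    else
      Logger.warn("Token expired", { username: username })
      false
    end
  rescue => e
    ErrorHandler.handle_error(e, {
      error_type: 'authentication',
      operation: 'validate_token'
    })
    false
  end
end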