Module: Ext::Security

Extended by:

Equipment

Defined in:

lib/ext/security.rb

Overview

Generic authentication module. Used by BasicAuth for example.

Warning

Never use this module alone. You should at least create another module that extends Base. This is because of how Equipment works right now. You wouldn’t be able to define authenticate and authorize and call super. Ask zimbatm for more information on this if you’re interested… :-)

Usage

Security is split in two methods ; authenticate and authorize. The role of authenticate is to detect the user, loaded by session or other. The role of authorize is to tell if the user is authorized or not. Authorize must be overriden if you want to secure some place of your app. Defining it in Base will act globally. You can also define them individually in each controller, like you want. Finally, both methods are chained, so you can use super to mix various security mechanism.

In your app, override authenticate if you want to load your users from the database. eg.

def authenticate
  user, pass = *super
  @user = User.find_by_login_and_password(user, pass)
  return [user, pass] if @user
  return [nil, nil]
end

Override authotize like that

def authorize(user, pass)
  # some auth mechanism
  if user == pass
    return true
  else
    return false
  end
end

Dependencies

• Equipment

• AppUtil

• Forward

• View

Defined Under Namespace

Modules: Base, Controllers

Constant Summary

Constants included from Equipment

Equipment::DATA_PATH, Equipment::LIB_PATH

Instance Attribute Summary

Attributes included from Equipment

#debug

Method Summary

Methods included from Equipment

dependencies, depends_on, equip, equip_all, global_extensions, included