Class: Heroku::Bouncer::Middleware

Inherits:
Sinatra::Base
  • Object
Defined in:
lib/heroku/bouncer/middleware.rb

Constant Summary collapse

DecryptedHash =
::Heroku::Bouncer::DecryptedHash
UnableToFetchUserError =
Class.new(RuntimeError)

Instance Method Summary collapse

Constructor Details

#initialize(app, options = {}) ⇒ Middleware

Returns a new instance of Middleware.



# File 'lib/heroku/bouncer/middleware.rb', line 18

# Builds the middleware either as an inert pass-through or as a configured
# Sinatra application wrapping +app+.
#
# Option keys read here: :disabled, :secret, :allow_if_user, :login_path,
# :redirect_url, :herokai_only (deprecated), :allow_if (legacy),
# :expose_token, :expose_email, :expose_user, :session_sync_nonce,
# :allow_anonymous and :skip. The third argument handed to extract_option
# looks like the fallback used when the key is absent; that helper is
# defined elsewhere in the file, so confirm there.
#
# Precedence for the authorization predicate (@allow_if_user), as set by the
# `||=` chain below: an explicit :allow_if_user wins, then the predicate
# derived from :herokai_only, then the one derived from :allow_if.
#
# @param app [#call] the downstream Rack application
# @param options [Hash] configuration, see the key list above
def initialize(app, options = {})
  if options[:disabled]
    # Pass-through mode: the Sinatra initializer is deliberately not run, so
    # none of the settings assigned further down exist on this instance.
    @app = app
    @disabled = true
    return
  end

  super(app)
  @disabled = false

  # NOTE(review): the fallback secret is freshly generated on every
  # construction, so it differs between processes and across restarts.
  # How @cookie_secret is consumed is not visible here; if it protects
  # session cookies, deployments with more than one process should pass
  # :secret explicitly and keep it out of source control.
  @cookie_secret = extract_option(options, :secret, SecureRandom.hex(64))
  @allow_if_user = extract_option(options, :allow_if_user, nil)
  @login_path = extract_option(options, :login_path, DEFAULT_LOGIN_PATH)
  @redirect_url = extract_option(options, :redirect_url, 'https://www.heroku.com')

  # Backwards compatibility for `herokai_only`:
  #  * the user's email must end with `@heroku.com`
  #  * a String value doubles as the redirect URL, but only when the caller
  #    did not also supply :redirect_url
  legacy_herokai_only = extract_deprecated_option("please use `allow_if_user` instead", options, :herokai_only, false)
  if legacy_herokai_only
    @redirect_url = legacy_herokai_only if legacy_herokai_only.is_a?(String) && !options[:redirect_url]
    # NOTE(review): this is a plain suffix test on user['email'], and a user
    # hash without an 'email' entry raises NoMethodError here rather than
    # returning false. Where the user hash comes from is not shown in this
    # method.
    @allow_if_user ||= ->(user) { user['email'].end_with?("@heroku.com") }
  end

  # Backwards compatibility for `allow_if`: the legacy callable receives
  # only the email, so it is wrapped to accept the whole user hash.
  legacy_allow_if = extract_option(options, :allow_if, false)
  @allow_if_user ||= ->(user) { legacy_allow_if.call(user['email']) } if legacy_allow_if

  # What gets exposed downstream: the token is off unless requested, while
  # email and user are on unless switched off.
  @expose_token = extract_option(options, :expose_token, false)
  @expose_email = extract_option(options, :expose_email, true)
  @expose_user = extract_option(options, :expose_user, true)
  @session_sync_nonce = extract_option(options, :session_sync_nonce, nil)
  @allow_anonymous = extract_option(options, :allow_anonymous, nil)
  @skip = extract_option(options, :skip, false)
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/heroku/bouncer/middleware.rb', line 57

# Rack entry point.
#
# The request goes straight to the wrapped app, untouched by this
# middleware, when the instance was built disabled or when skip?(env) is
# truthy. Every other request is handed to the superclass `call` from inside
# the block given to unlock_session_data.
#
# NOTE(review): skip? and unlock_session_data are defined elsewhere in the
# file. Whatever skip? accepts reaches the downstream app without passing
# through the bouncer, so the skip rule deserves the same scrutiny as an
# authorization rule.
#
# @param env [Hash] the Rack environment
# @return [Object] whatever the chosen downstream call returns
def call(env)
  return @app.call(env) if @disabled || skip?(env)

  unlock_session_data(env) { super(env) }
end