Class: Merb::AuthenticationMixin::BasicAuthentication

Inherits:

Object

• Object
• Merb::AuthenticationMixin::BasicAuthentication

Includes:

ControllerExceptions

Defined in:

lib/merb-core/controller/mixins/authentication.rb

Constant Summary

Constants included from ControllerExceptions

ControllerExceptions::STATUS_CODES

Instance Method Summary

• #authenticate(&authenticator) ⇒ Object

  Determines whether or not the user is authenticated using the criteria in the provided authenticator block.

• #initialize(controller, realm = "Application", &authenticator) ⇒ BasicAuthentication constructor private

  A new instance of BasicAuthentication.

• #password ⇒ Object

  Returns String:: The password provided in the request.

• #provided? ⇒ Boolean

  Returns Boolean:: Whether there has been any basic authentication credentials provided.

• #request ⇒ Object

  Request basic authentication and halt the filter chain.

• #request! ⇒ Object

  Sets headers to request basic auth.

• #username ⇒ Object

  Returns String:: The username provided in the request.

Constructor Details

#initialize(controller, realm = "Application", &authenticator) ⇒ BasicAuthentication

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of BasicAuthentication.

# File 'lib/merb-core/controller/mixins/authentication.rb', line 88

def initialize(controller, realm = "Application", &authenticator)
  @controller = controller
  @realm = realm
  @auth = Rack::Auth::Basic::Request.new(@controller.request.env)
  authenticate_or_request(&authenticator) if authenticator
end

Instance Method Details

#authenticate(&authenticator) ⇒ Object

Determines whether or not the user is authenticated using the criteria in the provided authenticator block.

Parameters

&authenticator

A block that decides whether the provided username and password

are valid.

Returns

Object

False if basic auth is not provided, otherwise the return value of the authenticator block.

# File 'lib/merb-core/controller/mixins/authentication.rb', line 104

def authenticate(&authenticator)
  if @auth.provided? and @auth.basic?
    authenticator.call(*@auth.credentials)
  else
    false
  end
end

#password ⇒ Object

Returns

String

The password provided in the request.

# File 'lib/merb-core/controller/mixins/authentication.rb', line 155

def password
  provided? ? @auth.credentials.last : nil
end

#provided? ⇒ Boolean

Returns

Boolean

Whether there has been any basic authentication credentials provided

Returns:

• (Boolean)

# File 'lib/merb-core/controller/mixins/authentication.rb', line 139

def provided?
  @auth.provided?
end

#request ⇒ Object

Request basic authentication and halt the filter chain. This is for use in a before filter.

Throws

:halt with an “HTTP Basic: Access denied.” message with no layout, and sets the status to Unauthorized.

# File 'lib/merb-core/controller/mixins/authentication.rb', line 118

def request
  request!
  throw :halt, @controller.render("HTTP Basic: Access denied.\n", :status => Unauthorized.status, :layout => false)
end

#request! ⇒ Object

Sets headers to request basic auth.

Returns

String

Returns the empty string to provide a response body.

# File 'lib/merb-core/controller/mixins/authentication.rb', line 129

def request!
  @controller.status = Unauthorized.status
  @controller.headers['WWW-Authenticate'] = 'Basic realm="%s"' % @realm
  ""
end

#username ⇒ Object

Returns

String

The username provided in the request.

# File 'lib/merb-core/controller/mixins/authentication.rb', line 147

def username
  provided? ? @auth.credentials.first : nil
end