Class: Merb::AuthenticationMixin::BasicAuthentication

Inherits:
Object
  • Object
show all
Includes:
ControllerExceptions
Defined in:
lib/merb-core/controller/mixins/authentication.rb

Constant Summary

Constants included from ControllerExceptions

ControllerExceptions::STATUS_CODES

Instance Method Summary collapse

Constructor Details

#initialize(controller, realm = "Application", &authenticator) ⇒ BasicAuthentication

:api: private


88
89
90
91
92
93
# File 'lib/merb-core/controller/mixins/authentication.rb', line 88

def initialize(controller, realm = "Application", &authenticator)
  @controller = controller
  @realm = realm
  @auth = Rack::Auth::Basic::Request.new(@controller.request.env)
  authenticate_or_request(&authenticator) if authenticator
end

Instance Method Details

#authenticate(&authenticator) ⇒ Object

Determines whether or not the user is authenticated using the criteria in the provided authenticator block.

Parameters

&authenticator

A block that decides whether the provided username and password

are valid.

Returns

Object

False if basic auth is not provided, otherwise the return value of the authenticator block.

:api: public


107
108
109
110
111
112
113
# File 'lib/merb-core/controller/mixins/authentication.rb', line 107

def authenticate(&authenticator)
  if @auth.provided? and @auth.basic?
    authenticator.call(*@auth.credentials)
  else
    false
  end
end

#passwordObject

Returns

String

The password provided in the request.

:api: public


158
159
160
# File 'lib/merb-core/controller/mixins/authentication.rb', line 158

def password
  provided? ? @auth.credentials.last : nil
end

#provided?Boolean

Returns

Boolean

Whether there has been any basic authentication credentials provided

:api: public

Returns:

  • (Boolean)

142
143
144
# File 'lib/merb-core/controller/mixins/authentication.rb', line 142

def provided?
  @auth.provided?
end

#requestObject

Request basic authentication and halt the filter chain. This is for use in a before filter.

Throws

:halt with an “HTTP Basic: Access denied.” message with no layout, and sets the status to Unauthorized.

:api: public


121
122
123
124
# File 'lib/merb-core/controller/mixins/authentication.rb', line 121

def request
  request!
  throw :halt, @controller.render("HTTP Basic: Access denied.\n", :status => Unauthorized.status, :layout => false)
end

#request!Object

Sets headers to request basic auth.

Returns

String

Returns the empty string to provide a response body.

:api: public


132
133
134
135
136
# File 'lib/merb-core/controller/mixins/authentication.rb', line 132

def request!
  @controller.status = Unauthorized.status
  @controller.headers['WWW-Authenticate'] = 'Basic realm="%s"' % @realm
  ""
end

#usernameObject

Returns

String

The username provided in the request.

:api: public


150
151
152
# File 'lib/merb-core/controller/mixins/authentication.rb', line 150

def username
  provided? ? @auth.credentials.first : nil
end