Module: Sinatra::Authorization

Defined in:
lib/diddies/authorization.rb

Overview

HTTP Authorization helpers for Sinatra.

In your helpers module, include Sinatra::Authorization and then define a authorize(user, password) method to handle user provided credentials.

Inside your events, call login_required to trigger the HTTP Authorization window to pop up in the browser.

Code adapted from Ryan Tomayko <tomayko.com> and Christopher Schneid <gittr.com>, shared under an MIT License

Instance Method Summary collapse

Instance Method Details

#authorization_realmObject

From you app, call set :authorization_realm, “my app” to set this or define a ‘authorization_realm` method in your helpers block.



22
23
24
 
# File 'lib/diddies/authorization.rb', line 22

def authorization_realm
  Sinatra.options.authorization_realm
end

#authorize(username, password) ⇒ Object

Redefine this method on your helpers block to actually contain your authorization logic.



16
17
18
 
# File 'lib/diddies/authorization.rb', line 16

def authorize(username, password)
  false
end

#authorized?Boolean Also known as: logged_in?

Convenience method to determine if a user is logged in

Returns:

  • (Boolean) 


36
37
38
 
# File 'lib/diddies/authorization.rb', line 36

def authorized?
  !!request.env['REMOTE_USER']
end

#current_userObject

Name provided by the current user to log in



42
43
44
 
# File 'lib/diddies/authorization.rb', line 42

def current_user
  request.env['REMOTE_USER']
end

#login_requiredObject

Call in any event that requires authentication



27
28
29
30
31
32
33
 
# File 'lib/diddies/authorization.rb', line 27

def 
  return if authorized?
  unauthorized! unless auth.provided?
  bad_request! unless auth.basic?
  unauthorized! unless authorize(*auth.credentials)
  request.env['REMOTE_USER'] = auth.username
end