Module: Backstage::Authentication

Defined in:

lib/authentication.rb

Instance Method Summary

• #auth ⇒ Object
• #authenticate(username, password) ⇒ Object
• #authenticated? ⇒ Boolean
• #bad_request! ⇒ Object
• #login_path ⇒ Object
• #require_authentication ⇒ Object
• #skip_authentication ⇒ Object
• #unauthorized!(realm = request.host) ⇒ Object

Instance Method Details

#auth ⇒ Object

# File 'lib/authentication.rb', line 23

def auth
  @auth ||= Rack::Auth::Basic::Request.new(request.env)
end

#authenticate(username, password) ⇒ Object

# File 'lib/authentication.rb', line 44

def authenticate(username, password)
  return false if username.nil? || password.nil?
  authenticator = TorqueBox::Authentication['backstage']
  authenticator.authenticate(username, password)
end

#authenticated? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/authentication.rb', line 40

def authenticated?
  !request.env['REMOTE_USER'].nil?
end

#bad_request! ⇒ Object

# File 'lib/authentication.rb', line 32

def bad_request!
  throw :halt, [ 400, 'Bad Request' ]
end

#login_path ⇒ Object

# File 'lib/authentication.rb', line 36

def login_path
  "#{request.script_name}/login"
end

#require_authentication ⇒ Object

# File 'lib/authentication.rb', line 54

def require_authentication
  return if request.env['SKIP_AUTH']
  return if authenticated?
  unauthorized! unless auth.provided?
  bad_request! unless auth.basic?
  unauthorized! unless authenticate(*auth.credentials)
  request.env['REMOTE_USER'] = auth.username
end

#skip_authentication ⇒ Object

# File 'lib/authentication.rb', line 50

def skip_authentication
  request.env['SKIP_AUTH'] = true
end

#unauthorized!(realm = request.host) ⇒ Object

# File 'lib/authentication.rb', line 27

def unauthorized!(realm=request.host)
  headers 'WWW-Authenticate' => %(Basic realm="#{realm}")
  throw :halt, [ 401, 'Authentication Required' ]
end