Class: WEBrick::HTTPAuth::Htdigest

Inherits:

Object

• Object
• WEBrick::HTTPAuth::Htdigest

Includes:

UserDB

Defined in:

lib/webrick/httpauth/htdigest.rb

Overview

Htdigest accesses apache-compatible digest password files. Passwords are matched to a realm where they are valid. For security, the path for a digest password database should be stored outside of the paths available to the HTTP server.

Htdigest is intended for use with WEBrick::HTTPAuth::DigestAuth and stores passwords using cryptographic hashes.

htpasswd = WEBrick::HTTPAuth::Htdigest.new 'my_password_file'
htpasswd.set_passwd 'my realm', 'username', 'password'
htpasswd.flush

Instance Attribute Summary

Attributes included from UserDB

#auth_type

Instance Method Summary

• #delete_passwd(realm, user) ⇒ Object

  Removes a password from the database for user in realm.

• #each ⇒ Object

  Iterate passwords in the database.

• #flush(output = nil) ⇒ Object

  Flush the password database.

• #get_passwd(realm, user, reload_db) ⇒ Object

  Retrieves a password from the database for user in realm.

• #initialize(path) ⇒ Htdigest constructor

  Open a digest password database at path.

• #reload ⇒ Object

  Reloads passwords from the database.

• #set_passwd(realm, user, pass) ⇒ Object

  Sets a password in the database for user in realm to pass.

Methods included from UserDB

#make_passwd

Constructor Details

#initialize(path) ⇒ Htdigest

Open a digest password database at path

# File 'lib/webrick/httpauth/htdigest.rb', line 36

def initialize(path)
  @path = path
  @mtime = Time.at(0)
  @digest = Hash.new
  @mutex = Mutex::new
  @auth_type = DigestAuth
  open(@path,"a").close unless File::exist?(@path)
  reload
end

Instance Method Details

#delete_passwd(realm, user) ⇒ Object

Removes a password from the database for user in realm.

# File 'lib/webrick/httpauth/htdigest.rb', line 109

def delete_passwd(realm, user)
  if hash = @digest[realm]
    hash.delete(user)
  end
end

#each ⇒ Object

Iterate passwords in the database.

# File 'lib/webrick/httpauth/htdigest.rb', line 118

def each # :yields: [user, realm, password_hash]
  @digest.keys.sort.each{|realm|
    hash = @digest[realm]
    hash.keys.sort.each{|user|
      yield([user, realm, hash[user]])
    }
  }
end

#flush(output = nil) ⇒ Object

Flush the password database. If output is given the database will be written there instead of to the original path.

# File 'lib/webrick/httpauth/htdigest.rb', line 71

def flush(output=nil)
  output ||= @path
  tmp = Tempfile.new("htpasswd", File::dirname(output))
  begin
    each{|item| tmp.puts(item.join(":")) }
    tmp.close
    File::rename(tmp.path, output)
  rescue
    tmp.close(true)
  end
end

#get_passwd(realm, user, reload_db) ⇒ Object

Retrieves a password from the database for user in realm. If reload_db is true the database will be reloaded first.

# File 'lib/webrick/httpauth/htdigest.rb', line 87

def get_passwd(realm, user, reload_db)
  reload() if reload_db
  if hash = @digest[realm]
    hash[user]
  end
end

#reload ⇒ Object

Reloads passwords from the database

# File 'lib/webrick/httpauth/htdigest.rb', line 49

def reload
  mtime = File::mtime(@path)
  if mtime > @mtime
    @digest.clear
    open(@path){|io|
      while line = io.gets
        line.chomp!
        user, realm, pass = line.split(/:/, 3)
        unless @digest[realm]
          @digest[realm] = Hash.new
        end
        @digest[realm][user] = pass
      end
    }
    @mtime = mtime
  end
end

#set_passwd(realm, user, pass) ⇒ Object

Sets a password in the database for user in realm to pass.

# File 'lib/webrick/httpauth/htdigest.rb', line 97

def set_passwd(realm, user, pass)
  @mutex.synchronize{
    unless @digest[realm]
      @digest[realm] = Hash.new
    end
    @digest[realm][user] = make_passwd(realm, user, pass)
  }
end