Module: Webmachine::Resource::Authentication

Defined in:
lib/webmachine/resource/authentication.rb

Overview

Helper methods that can be included in your Webmachine::Resource to assist in performing HTTP Authentication.

Constant Summary collapse

BASIC_HEADER =

Pattern for matching Authorization headers that use the Basic auth scheme.

/^Basic (.*)$/i.freeze

Instance Method Summary collapse

Instance Method Details

#basic_auth(header, realm = "Webmachine") {|user, password| ... } ⇒ true, String

A simple implementation of HTTP Basic auth. Call this from the Callbacks#is_authorized? callback, giving it a block which will be yielded the username and password and return true or false.

Yields:

  • (user, password)

    a block that will verify the client-provided user/password against application constraints

Yield Parameters:

  • user (String)

    the passed username

  • password (String)

    the passed password

Yield Returns:

  • (true, false)

    whether the username/password is correct


26
27
28
29
30
31
32
# File 'lib/webmachine/resource/authentication.rb', line 26

def basic_auth(header, realm="Webmachine")
  if header =~ BASIC_HEADER && (yield *$1.unpack('m*').first.split(/:/,2))
    true
  else
    %Q[Basic realm="#{realm}"]
  end
end