Class: Rack::Auth::Cheat
- Inherits:
-
Object
- Object
- Rack::Auth::Cheat
- Defined in:
- lib/rack/auth/cheat.rb
Instance Method Summary collapse
-
#call(env) ⇒ Object
The call method we’ve defined first checks to see if the AUTH_USER environment variable is set.
-
#initialize(app, user_field = 'username', password_field = 'password') ⇒ Cheat
constructor
Creates a new Rack::Auth::Cheat object.
Constructor Details
#initialize(app, user_field = 'username', password_field = 'password') ⇒ Cheat
Creates a new Rack::Auth::Cheat object. The user_field
and password_field
are the params looked for in the call method. The defaults are ‘username’ and ‘password’, respectively.
8 9 10 11 12 |
# File 'lib/rack/auth/cheat.rb', line 8 def initialize(app, user_field = 'username', password_field = 'password') @app = app @user_field = user_field @password_field = password_field end |
Instance Method Details
#call(env) ⇒ Object
The call method we’ve defined first checks to see if the AUTH_USER environment variable is set. If it is, we assume that the user has already been authenticated and move on.
If AUTH_USER is not set, and AUTH_FAIL is not set, we then check whether the username and password match (the “Cheat” authentication method). If they match, AUTH_USER is set to the username.
If they don’t match then the request is passed on without modification. AUTH_FAIL will not be set by this class.
It up to the application to check for the presence of AUTH_USER and/or AUTH_FAIL and act as necessary.
28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/rack/auth/cheat.rb', line 28 def call(env) request = Rack::Request.new(env) user = request.params[@user_field] password = request.params[@password_field] # Only authenticate user if both the username and password fields are present unless user && password return @app.call(env) end # Do not authenticate if either one of these is set if env['AUTH_USER'] || env['AUTH_FAIL'] return @app.call(env) end if user == password env['AUTH_USER'] = user env['AUTH_TYPE'] = "Cheat" env['AUTH_TYPE_USER'] = user env['AUTH_TYPE_THIS_REQUEST'] = "Cheat" env['AUTH_DATETIME'] = Time.now.utc env.delete('AUTH_FAIL') end @app.call(env) end |