Class: Warden::Proxy

Inherits:

Object

• Object
• Warden::Proxy

Extended by:

Forwardable

Includes:

Mixins::Common, ProxyDeprecation

Defined in:

lib/warden/proxy.rb,
lib/warden/errors.rb

Defined Under Namespace

Classes: Errors

Instance Attribute Summary

• #config ⇒ Object readonly

  An accessor to the rack env hash, the proxy owner and its config :api: public.

• #env ⇒ Object readonly

  An accessor to the rack env hash, the proxy owner and its config :api: public.

• #manager ⇒ Object readonly

  An accessor to the rack env hash, the proxy owner and its config :api: public.

• #winning_strategies ⇒ Object readonly

  An accessor to the rack env hash, the proxy owner and its config :api: public.

• #winning_strategy ⇒ Object

  An accessor to the winning strategy :api: private.

Instance Method Summary

• #authenticate(*args) ⇒ Object

  Run the authentiation strategies for the given strategies.

• #authenticate!(*args) ⇒ Object

  The same as authenticate except on failure it will throw an :warden symbol causing the request to be halted and rendered through the failure_app.

• #authenticate?(*args) ⇒ Boolean

  Same API as authenticated, but returns a boolean instead of a user.

• #authenticated?(scope = @config.default_scope) ⇒ Boolean

  Check to see if there is an authenticated user for the given scope.

• #clear_strategies_cache!(*args) ⇒ Object

  Clear the cache of performed strategies so far.

• #custom_failure! ⇒ Object

  Provides a way to return a 401 without warden defering to the failure app The result is a direct passthrough of your own response :api: public.

• #custom_failure? ⇒ Boolean

  Check to see if the custom failur flag has been set :api: public.

• #errors ⇒ Object

  :api: public.

• #initialize(env, manager) ⇒ Proxy constructor

  :nodoc:.

• #logout(*scopes) ⇒ Object

  Provides logout functionality.

• #message ⇒ Object

  Proxy through to the authentication strategy to find out the message that was generated.

• #result ⇒ Object

  proxy methods through to the winning strategy :api: private.

• #session(scope = @config.default_scope) ⇒ Object

  Provides a scoped session data for authenticated users.

• #session_serializer ⇒ Object

  Points to a SessionSerializer instance responsible for handling everything related with storing, fetching and removing the user session.

• #set_user(user, opts = {}) ⇒ Object

  Manually set the user into the session and auth proxy.

• #unauthenticated?(scope = @config.default_scope) ⇒ Boolean

  Same API as authenticated?, but returns false when authenticated.

• #user(scope = @config.default_scope) ⇒ Object

  Provides acccess to the user object in a given scope for a request.

Methods included from Mixins::Common

#params, #request, #reset_session!, #warden_cookies

Methods included from ProxyDeprecation

#default_strategies=

Constructor Details

#initialize(env, manager) ⇒ Proxy

:nodoc:

# File 'lib/warden/proxy.rb', line 26

def initialize(env, manager) #:nodoc:
  @env, @users, @winning_strategies = env, {}, {}
  @manager, @config = manager, manager.config.dup
  @strategies = Hash.new { |h,k| h[k] = {} }
  errors # setup the error object in the session
  manager._run_callbacks(:on_request, self)
end

Instance Attribute Details

#config ⇒ Object (readonly)

An accessor to the rack env hash, the proxy owner and its config :api: public

# File 'lib/warden/proxy.rb', line 15

def config
  @config
end

#env ⇒ Object (readonly)

An accessor to the rack env hash, the proxy owner and its config :api: public

# File 'lib/warden/proxy.rb', line 15

def env
  @env
end

#manager ⇒ Object (readonly)

An accessor to the rack env hash, the proxy owner and its config :api: public

# File 'lib/warden/proxy.rb', line 15

def manager
  @manager
end

#winning_strategies ⇒ Object (readonly)

An accessor to the rack env hash, the proxy owner and its config :api: public

# File 'lib/warden/proxy.rb', line 15

def winning_strategies
  @winning_strategies
end

#winning_strategy ⇒ Object

An accessor to the winning strategy :api: private

# File 'lib/warden/proxy.rb', line 11

def winning_strategy
  @winning_strategy
end

Instance Method Details

#authenticate(*args) ⇒ Object

Run the authentiation strategies for the given strategies. If there is already a user logged in for a given scope, the strategies are not run This does not halt the flow of control and is a passive attempt to authenticate only When scope is not specified, the default_scope is assumed.

Parameters:

args - a list of symbols (labels) that name the strategies to attempt
opts - an options hash that contains the :scope of the user to check

Example:

env['warden'].authenticate(:password, :basic, :scope => :sudo)

:api: public

# File 'lib/warden/proxy.rb', line 83

def authenticate(*args)
  user, opts = _perform_authentication(*args)
  user
end

#authenticate!(*args) ⇒ Object

The same as authenticate except on failure it will throw an :warden symbol causing the request to be halted and rendered through the failure_app

Example

env['warden'].authenticate!(:password, :scope => :publisher) # throws if it cannot authenticate

:api: public

# File 'lib/warden/proxy.rb', line 106

def authenticate!(*args)
  user, opts = _perform_authentication(*args)
  throw(:warden, opts) unless user
  user
end

#authenticate?(*args) ⇒ Boolean

Same API as authenticated, but returns a boolean instead of a user. The difference between this method (authenticate?) and authenticated? is that the former will run strategies if the user has not yet been authenticated, and the second relies on already performed ones. :api: public

Returns:

• (Boolean)

# File 'lib/warden/proxy.rb', line 93

def authenticate?(*args)
  result = !!authenticate(*args)
  yield if result && block_given?
  result
end

#authenticated?(scope = @config.default_scope) ⇒ Boolean

Check to see if there is an authenticated user for the given scope. This brings the user from the session, but does not run strategies before doing so. If you want strategies to be run, please check authenticate?.

Parameters:

scope - the scope to check for authentication. Defaults to default_scope

Example:

env['warden'].authenticated?(:admin)

:api: public

Returns:

• (Boolean)

# File 'lib/warden/proxy.rb', line 123

def authenticated?(scope = @config.default_scope)
  result = !!user(scope)
  yield if block_given? && result
  result
end

#clear_strategies_cache!(*args) ⇒ Object

Clear the cache of performed strategies so far. It has the same API as authenticate, allowing you to clear an specific strategies for given scope:

Parameters:

args - a list of symbols (labels) that name the strategies to attempt
opts - an options hash that contains the :scope of the user to check

Example:

# Clear all strategies for the configured default_scope
env['warden'].clear_strategies_cache!

# Clear all strategies for the :admin scope
env['warden'].clear_strategies_cache!(:scope => :admin)

# Clear password strategy for the :admin scope
env['warden'].clear_strategies_cache!(:password, :scope => :admin)

:api: public

# File 'lib/warden/proxy.rb', line 61

def clear_strategies_cache!(*args)
  scope, opts = _retrieve_scope_and_opts(args)

  @winning_strategies.delete(scope)
  @strategies[scope].each do |k, v|
    v.clear! if args.empty? || args.include?(k)
  end
end

#custom_failure! ⇒ Object

Provides a way to return a 401 without warden defering to the failure app The result is a direct passthrough of your own response :api: public

# File 'lib/warden/proxy.rb', line 241

def custom_failure!
  @custom_failure = true
end

#custom_failure? ⇒ Boolean

Check to see if the custom failur flag has been set :api: public

Returns:

• (Boolean)

# File 'lib/warden/proxy.rb', line 247

def custom_failure?
  !!@custom_failure
end

#errors ⇒ Object

:api: public

# File 'lib/warden/errors.rb', line 5

def errors
  @env['warden.errors'] ||= Errors.new
end

#logout(*scopes) ⇒ Object

Provides logout functionality. The logout also manages any authenticated data storage and clears it when a user logs out.

Parameters:

scopes - a list of scopes to logout

Example:

# Logout everyone and clear the session
env['warden'].logout

# Logout the default user but leave the rest of the session alone
env['warden'].logout(:default)

# Logout the :publisher and :admin user
env['warden'].logout(:publisher, :admin)

:api: public

# File 'lib/warden/proxy.rb', line 209

def logout(*scopes)
  if scopes.empty?
    scopes = @users.keys
    reset_session = true
  end

  scopes.each do |scope|
    user = @users.delete(scope)
    manager._run_callbacks(:before_logout, user, self, :scope => scope)

    raw_session.delete("warden.user.#{scope}.session")
    session_serializer.delete(scope, user)
  end

  reset_session! if reset_session
end

#message ⇒ Object

Proxy through to the authentication strategy to find out the message that was generated. :api: public

# File 'lib/warden/proxy.rb', line 234

def message
  winning_strategy && winning_strategy.message
end

#result ⇒ Object

proxy methods through to the winning strategy :api: private

# File 'lib/warden/proxy.rb', line 228

def result # :nodoc:
  winning_strategy && winning_strategy.result
end

#session(scope = @config.default_scope) ⇒ Object

Provides a scoped session data for authenticated users. Warden manages clearing out this data when a user logs out

Example

# default scope
env['warden'].session[:foo] = "bar"

# :sudo scope
env['warden'].session(:sudo)[:foo] = "bar"

:api: public

Raises:

• (NotAuthenticated)

# File 'lib/warden/proxy.rb', line 187

def session(scope = @config.default_scope)
  raise NotAuthenticated, "#{scope.inspect} user is not logged in" unless authenticated?(scope)
  raw_session["warden.user.#{scope}.session"] ||= {}
end

#session_serializer ⇒ Object

Points to a SessionSerializer instance responsible for handling everything related with storing, fetching and removing the user session. :api: public

# File 'lib/warden/proxy.rb', line 38

def session_serializer
  @session_serializer ||= Warden::SessionSerializer.new(@env)
end

#set_user(user, opts = {}) ⇒ Object

Manually set the user into the session and auth proxy

Parameters:

user - An object that has been setup to serialize into and out of the session.
opts - An options hash.  Use the :scope option to set the scope of the user, set the :store option to false to skip serializing into the session.

:api: public

# File 'lib/warden/proxy.rb', line 144

def set_user(user, opts = {})
  return unless user
  scope = (opts[:scope] ||= @config.default_scope)

  # Get the default options from the master configuration for the given scope
  opts = @config.scope_defaults(scope).merge(opts)

  @users[scope] = user
  session_serializer.store(user, scope) unless opts[:store] == false

  opts[:event] ||= :set_user
  manager._run_callbacks(:after_set_user, user, self, opts)
  user
end

#unauthenticated?(scope = @config.default_scope) ⇒ Boolean

Same API as authenticated?, but returns false when authenticated. :api: public

Returns:

• (Boolean)

# File 'lib/warden/proxy.rb', line 131

def unauthenticated?(scope = @config.default_scope)
  result = !authenticated?(scope)
  yield if block_given? && result
  result
end

#user(scope = @config.default_scope) ⇒ Object

Provides acccess to the user object in a given scope for a request. Will be nil if not logged in. Please notice that this method does not perform strategies.

Example:

# without scope (default user)
env['warden'].user

# with scope
env['warden'].user(:admin)

:api: public

# File 'lib/warden/proxy.rb', line 171

def user(scope = @config.default_scope)
  @users[scope] ||= set_user(session_serializer.fetch(scope),
                             :scope => scope, :event => :fetch)
end