Module: ActionController::HttpAuthentication::Basic::ControllerMethods::ClassMethods

Defined in:
lib/action_controller/metal/http_authentication.rb

Instance Method Summary collapse

Instance Method Details

#http_basic_authenticate_with(options = {}) ⇒ Object 



112
113
114
115
116
117
118
119
120
121
122
 
# File 'lib/action_controller/metal/http_authentication.rb', line 112

def http_basic_authenticate_with(options = {})
  before_filter(options.except(:name, :password, :realm)) do
    authenticate_or_request_with_http_basic(options[:realm] || "Application") do |name, password|
      # This comparison uses & so that it doesn't short circuit and
      # uses `variable_size_secure_compare` so that length information
      # isn't leaked.
      ActiveSupport::SecurityUtils.variable_size_secure_compare(name, options[:name]) &
        ActiveSupport::SecurityUtils.variable_size_secure_compare(password, options[:password])
    end
  end
end