Module: ActionController::HttpAuthentication::Basic
- Extended by:
- Basic
- Included in:
- Basic
- Defined in:
- lib/action_controller/metal/http_authentication.rb
Overview
Makes it dead easy to do HTTP Basic authentication.
Simple Basic example
class PostsController < ApplicationController
http_basic_authenticate_with name: "dhh", password: "secret", except: :index
def index
render plain: "Everyone can see me!"
end
def edit
render plain: "I'm only accessible if you know the password"
end
end
Advanced Basic example
Here is a more advanced Basic example where only Atom feeds and the XML API is protected by HTTP authentication, the regular HTML interface is protected by a session approach:
class ApplicationController < ActionController::Base
before_action :set_account, :authenticate
private
def set_account
@account = Account.find_by(url_name: request.subdomains.first)
end
def authenticate
case request.format
when Mime[:xml], Mime[:atom]
if user = authenticate_with_http_basic { |u, p| @account.users.authenticate(u, p) }
@current_user = user
else
request_http_basic_authentication
end
else
if session_authenticated?
@current_user = @account.users.find(session[:authenticated][:user_id])
else
redirect_to(login_url) and return false
end
end
end
end
In your integration tests, you can do something like this:
def test_access_granted_from_xml
@request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(users(:dhh).name, users(:dhh).password)
get "/notes/1.xml"
assert_equal 200, status
end
Defined Under Namespace
Modules: ControllerMethods
Instance Method Summary collapse
- #auth_param(request) ⇒ Object
- #auth_scheme(request) ⇒ Object
- #authenticate(request, &login_procedure) ⇒ Object
- #authentication_request(controller, realm, message) ⇒ Object
- #decode_credentials(request) ⇒ Object
- #encode_credentials(user_name, password) ⇒ Object
- #has_basic_credentials?(request) ⇒ Boolean
- #user_name_and_password(request) ⇒ Object
Instance Method Details
#auth_param(request) ⇒ Object
117 118 119 |
# File 'lib/action_controller/metal/http_authentication.rb', line 117 def auth_param(request) request..to_s.split(" ", 2).second end |
#auth_scheme(request) ⇒ Object
113 114 115 |
# File 'lib/action_controller/metal/http_authentication.rb', line 113 def auth_scheme(request) request..to_s.split(" ", 2).first end |
#authenticate(request, &login_procedure) ⇒ Object
95 96 97 98 99 |
# File 'lib/action_controller/metal/http_authentication.rb', line 95 def authenticate(request, &login_procedure) if has_basic_credentials?(request) login_procedure.call(*user_name_and_password(request)) end end |
#authentication_request(controller, realm, message) ⇒ Object
125 126 127 128 129 130 |
# File 'lib/action_controller/metal/http_authentication.rb', line 125 def authentication_request(controller, realm, ) ||= "HTTP Basic: Access denied.\n" controller.headers["WWW-Authenticate"] = %(Basic realm="#{realm.tr('"'.freeze, "".freeze)}") controller.status = 401 controller.response_body = end |
#decode_credentials(request) ⇒ Object
109 110 111 |
# File 'lib/action_controller/metal/http_authentication.rb', line 109 def decode_credentials(request) ::Base64.decode64(auth_param(request) || "") end |
#encode_credentials(user_name, password) ⇒ Object
121 122 123 |
# File 'lib/action_controller/metal/http_authentication.rb', line 121 def encode_credentials(user_name, password) "Basic #{::Base64.strict_encode64("#{user_name}:#{password}")}" end |
#has_basic_credentials?(request) ⇒ Boolean
101 102 103 |
# File 'lib/action_controller/metal/http_authentication.rb', line 101 def has_basic_credentials?(request) request..present? && (auth_scheme(request).downcase == "basic") end |
#user_name_and_password(request) ⇒ Object
105 106 107 |
# File 'lib/action_controller/metal/http_authentication.rb', line 105 def user_name_and_password(request) decode_credentials(request).split(":", 2) end |