Module: Balrog::Middleware::Controller

Included in:
Balrog::Middleware
Defined in:
lib/balrog/middleware/controller.rb


Instance Method Details

#logout(env) ⇒ Object

This method is called when a user logs out using a Balrog logout button. It logs the user out by removing all Balrog data from the session.



# File 'lib/balrog/middleware/controller.rb', line 84

# Logs the user out of Balrog.
#
# Only the :balrog entry is dropped from the Rack session; any other session
# data is left in place.
#
# @param env [Hash] the Rack environment; 'rack.session' must be present.
# @return [Array] a Rack response triple redirecting to the site root.
def logout(env)
  session = env['rack.session']
  session.delete(:balrog)

  redirect_headers = {"Location" => '/'}
  [302, redirect_headers, [""]]
end

#omniauthentication(env) ⇒ Object

This method is called if a user attempts to sign in with Single Sign-on, and will authenticate the user if the user's email domain has been whitelisted.



# File 'lib/balrog/middleware/controller.rb', line 44

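# Handles the OmniAuth callback for Single Sign-On.
#
# The session is authenticated (through +authenticate_user+) only when the
# domain part of the e-mail address found in the OmniAuth hash is listed in
# +domain_whitelist+. Every path answers with a 302 redirect, so a rejected
# sign-in is indistinguishable from an accepted one at this layer.
# +domain_whitelist+ and +authenticate_user+ are not defined in this method;
# they are expected to be supplied by the including class.
#
# @param env [Hash] the Rack environment; reads 'omniauth.auth' and
#   'omniauth.origin'.
# @return [Array] a Rack response triple: [302, {"Location" => target}, [""]]
def omniauthentication(env)
  # Resolve the redirect target before anything else: the early returns below
  # need it, and previously referenced `referer` before it had been assigned.
  # NOTE(review): 'omniauth.origin' is presumably derived from the incoming
  # request, and it is used as the Location header unvalidated. Consider
  # restricting it to same-site targets - confirm against the OmniAuth setup.
  referer = env["omniauth.origin"] || '/'

  # Extract the email domain from the omniauth hash. A missing auth hash or
  # info section is treated the same as a missing email (no authentication).
  auth_info = (env['omniauth.auth'] || {})['info'] || {}
  user_email = auth_info['email']
  # NOTE(review): the domain is whatever follows the last "@" of the address
  # reported by the provider. Whether that address has been verified depends
  # on the provider/strategy in use - confirm before relying on it.
  email_domain = user_email.split("@").last if user_email

  # If there is no email domain, redirect the user before authentication.
  return [302, {"Location" => referer}, [""]] unless email_domain

  # If there is no domain_whitelist, alert the developer and fail closed.
  unless domain_whitelist
    warn <<~EOF

      !! Balrog has not been configured with a domain_whitelist. You shall not
      !! pass! When setting up Balrog::Middleware, pass in a block and
      !! call `set_domain_whitelist` passing in an omniauth provider and
      !! required keys.
      !!
      !! Check out https://github.com/pixielabs/balrog for more information.

    EOF
    return [302, {"Location" => referer}, [""]]
  end

  # Authenticate the user if the user's email domain is whitelisted.
  # include? is an exact match, so whitelist entries must use the same
  # letter case as the address reported by the provider.
  authenticate_user(env) if domain_whitelist.include?(email_domain)

  [302, {"Location" => referer}, [""]]
end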

#password_login(env) ⇒ Object

This method is called if a user attempts to sign in with a password and will authenticate the user if the password is correct.



# File 'lib/balrog/middleware/controller.rb', line 7

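# Handles a password sign-in attempt.
#
# The session is authenticated (through +authenticate_user+) only when
# +password_hash+ reports a match for the password submitted in the form.
# Every path answers with a 302 redirect. +password_hash+ and
# +authenticate_user+ are not defined in this method; they are expected to be
# supplied by the including class.
#
# The method name and the +submitted_password+ local were missing from this
# listing and are restored from the method heading and the inline comments.
#
# @param env [Hash] the Rack environment; reads 'rack.request.form_hash' and
#   'HTTP_REFERER'.
# @return [Array] a Rack response triple: [302, {"Location" => target}, [""]]
def password_login(env)
  # Resolve the redirect target before anything else: the early return below
  # needs it, and previously referenced `referer` before it had been assigned.
  # NOTE(review): HTTP_REFERER is a client-supplied header and is used as the
  # Location header unvalidated. Consider restricting it to same-site targets.
  referer = env["HTTP_REFERER"] || '/'

  # Extract the submitted_password from the rack request hash.
  form_hash = env['rack.request.form_hash']
  submitted_password = form_hash['password'] if form_hash

  # If there is no submitted_password, redirect the user before authentication.
  return [302, {"Location" => referer}, [""]] unless submitted_password

  # If there is no password_hash, alert the developer and fail closed.
  unless password_hash
    warn <<~EOF

      !! Balrog has not been configured with a password_hash. You shall not
      !! pass! When adding Balrog::Middleware to your middleware stack, pass
      !! in a block and call `password_hash` passing in a bcrypt hash.
      !!
      !! Check out https://github.com/pixielabs/balrog for more information.

    EOF
    return [302, {"Location" => referer}, [""]]
  end

  # Authenticate the user if the submitted_password matches the password_hash.
  # NOTE(review): presumably password_hash is a BCrypt::Password, whose ==
  # hashes its right-hand operand before comparing. It must stay on the left;
  # with a plain String this would be a plaintext comparison - confirm.
  authenticate_user(env) if password_hash == submitted_password

  [302, {"Location" => referer}, [""]]
end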