Class: Demopass::App

Inherits:
Object
  • Object
show all
Extended by:
Forwardable
Defined in:
lib/demopass/app.rb

Constant Summary collapse

PASSWORD_PATH =
"/demopass".freeze
PASSWORD_KEY =
"password".freeze
TOKEN_KEY =
"demopass_token".freeze

Instance Method Summary collapse

Constructor Details

#initialize(downstream, except: nil, log_level: nil) ⇒ App

Returns a new instance of App.



12
13
14
15
16
17
18
19
20
21
22
23
24
25
# File 'lib/demopass/app.rb', line 12

def initialize(downstream, except: nil, log_level: nil)
  @downstream = downstream
  @except = except

  @hmac_key = ENV["DEMOPASS_SECRET"]
  @password = ENV["DEMOPASS_PASSWORD"]

  @digest = OpenSSL::Digest.new("SHA256")
  @valid_hmac = hmac_for(@password)

  @logger = Demopass::Logger.new(log_level: log_level)

  validate_arguments
end

Instance Method Details

#call(env) ⇒ Object



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'lib/demopass/app.rb', line 27

def call(env)
  @response = Rack::Response.new

  request = Rack::Request.new(env)
  debug("Beginning #{request.request_method} to #{request.path}")
  debug("Downstream is #{@downstream.class.name}")

  if (excluded = path_excluded?(request)) || token_valid?(request)
    reason = excluded ? "the path was excluded" : "the token was valid"
    debug("Passing downstream because #{reason}")

    return @downstream.call(env)
  end

  if (password = extract_password(request))
    assign_token_and_redirect(password)
  else
    info("Password or token missing or invalid; responding with a login form")
    respond_with_form
  end

  debug("Ending call to #{request.path}")
  @response.finish
end