Module: Ext::Security::Base

Defined in:

lib/ext/security.rb

Instance Method Summary

• #authenticate ⇒ Object

  Blank authentication terminator, returns [nil, nil].

• #authorize(user, pass) ⇒ Object

  Blank authorization terminator, returns nil as ternary operator.

• #service(*a) ⇒ Object

  Checks the credencials when serving a page if ‘authorize` is defined in your app, Base or controller.

Instance Method Details

#authenticate ⇒ Object

Blank authentication terminator, returns [nil, nil]

# File 'lib/ext/security.rb', line 64

def authenticate; return nil, nil end

#authorize(user, pass) ⇒ Object

Blank authorization terminator, returns nil as ternary operator.

# File 'lib/ext/security.rb', line 67

def authorize(user, pass); return nil end

#service(*a) ⇒ Object

Checks the credencials when serving a page if ‘authorize` is defined in your app, Base or controller. If you forward to controllers that don’t have urls, the security will not be checked.

# File 'lib/ext/security.rb', line 72

def service(*a)
  return super if self.class.urls.empty?
  user, pass = authenticate
  if authorize(user, pass) != false # nil is accepted, not false
    return super
  elsif not user
    forward app::Controllers::Unauthenticated, 'get'
  else
    forward app::Controllers::Unauthorized, 'get', user
  end
  self
end