Class: Merb::Authentication::Strategy

Inherits:

Object

• Object
• Merb::Authentication::Strategy

Defined in:

lib/merb-auth-core/strategy.rb

Overview

The Merb::Authentication::Strategy is where all the action happens in the merb-auth framework. Inherit from this class to setup your own strategy. The strategy will automatically be placed in the default_strategy_order array, and will be included in the strategy runs.

The strategy you implment should have a YourStrategy#run! method defined that returns

1. A user object if authenticated
2. nil if no authenticated user was found.

Example

class MyStrategy < Merb::Authentication::Strategy
  def run!
    u = User.get(params[:login])
    u if u.authentic?(params[:password])
  end
end

Instance Attribute Summary

• #body ⇒ Object

  Allows you to provide a body of content to return when halting.

• #request ⇒ Object

  Returns the value of attribute request.

• #status ⇒ Object

  Provides a place to put the status of the response.

Class Method Summary

• .abstract! ⇒ Object

  Mark a strategy as abstract.

• .abstract? ⇒ Boolean

  Asks is this strategy abstract.

• .after(strategy) ⇒ Object

  Use this to declare the strategy should run after another strategy.

• .before(strategy) ⇒ Object

  Use this to declare the strategy should run before another strategy.

• .inherited(klass) ⇒ Object

Instance Method Summary

• #cookies ⇒ Object

  An alials to the request.cookies hash.

• #halt! ⇒ Object

  Mark this strategy as complete for this request.

• #halted? ⇒ Boolean

  Checks to see if this strategy has been halted.

• #headers ⇒ Object

  Provides a place to put headers.

• #initialize(request, params) ⇒ Strategy constructor

  End class << self.

• #params ⇒ Object

  An alias to the request.params hash Only rely on this hash to find any router params you are looking for.

• #redirect!(url, opts = {}) ⇒ Object

  Redirects causes the strategy to signal a redirect to the provided url.

• #redirected? ⇒ Boolean

  Returns ture if the strategy redirected.

• #run! ⇒ Object

  This is the method that is called as the test for authentication and is where you put your code.

• #session ⇒ Object

  An alias to the request.session hash.

• #user_class ⇒ Object

  Overwrite this method to scope a strategy to a particular user type you can use this with inheritance for example to try the same strategy on different user types.

Constructor Details

#initialize(request, params) ⇒ Strategy

End class << self

# File 'lib/merb-auth-core/strategy.rb', line 108

def initialize(request, params)
  @request = request
  @params  = params
end

Instance Attribute Details

#body ⇒ Object

Allows you to provide a body of content to return when halting

# File 'lib/merb-auth-core/strategy.rb', line 173

def body
  @body || ""
end

#request ⇒ Object

Returns the value of attribute request.

# File 'lib/merb-auth-core/strategy.rb', line 65

def request
  @request
end

#status ⇒ Object

Provides a place to put the status of the response

# File 'lib/merb-auth-core/strategy.rb', line 153

def status
  @status
end

Class Method Details

.abstract! ⇒ Object

Mark a strategy as abstract. This means that a strategy will not ever be run as part of the authentication. Instead this will be available to inherit from as a way to share code.

You could for example setup a strategy to check for a particular kind of login and then have a subclass for each class type of user in your system. i.e. Customer / Staff, Student / Staff etc

# File 'lib/merb-auth-core/strategy.rb', line 97

def abstract!
  @abstract = true
end

.abstract? ⇒ Boolean

Asks is this strategy abstract. i.e. can it be run as part of the authentication

Returns:

• (Boolean)

# File 'lib/merb-auth-core/strategy.rb', line 102

def abstract?
  !!@abstract
end

.after(strategy) ⇒ Object

Use this to declare the strategy should run after another strategy

# File 'lib/merb-auth-core/strategy.rb', line 83

def after(strategy)
  order = Merb::Authentication.default_strategy_order
  order.delete(self)
  index = order.index(strategy)
  index == order.size ? order << self : order.insert(index + 1, self)
end

.before(strategy) ⇒ Object

Use this to declare the strategy should run before another strategy

# File 'lib/merb-auth-core/strategy.rb', line 75

def before(strategy)
  order =  Merb::Authentication.default_strategy_order
  order.delete(self)
  index = order.index(strategy)
  order.insert(index,self)
end

.inherited(klass) ⇒ Object

# File 'lib/merb-auth-core/strategy.rb', line 69

def inherited(klass)
  Merb::Authentication.strategies << klass
  Merb::Authentication.default_strategy_order << klass
end

Instance Method Details

#cookies ⇒ Object

An alials to the request.cookies hash

# File 'lib/merb-auth-core/strategy.rb', line 121

def cookies
  request.cookies
end

#halt! ⇒ Object

Mark this strategy as complete for this request. Will cause that no other strategies will be executed.

# File 'lib/merb-auth-core/strategy.rb', line 162

def halt!
  @halt = true
end

#halted? ⇒ Boolean

Checks to see if this strategy has been halted

Returns:

• (Boolean)

# File 'lib/merb-auth-core/strategy.rb', line 167

def halted?
  !!@halt
end

#headers ⇒ Object

Provides a place to put headers

# File 'lib/merb-auth-core/strategy.rb', line 156

def headers
  @headers ||={}
end

#params ⇒ Object

An alias to the request.params hash Only rely on this hash to find any router params you are looking for. If looking for paramteres use request.params

# File 'lib/merb-auth-core/strategy.rb', line 116

def params
  @params
end

#redirect!(url, opts = {}) ⇒ Object

Redirects causes the strategy to signal a redirect to the provided url.

Parameters

url<String>

The url to redirect to

options<Hash>

An options hash with the following keys:

+:permanent+ Set this to true to make the redirect permanent
+:status+ Set this to an integer for the status to return

# File 'lib/merb-auth-core/strategy.rb', line 138

def redirect!(url, opts = {})
  self.headers["Location"] = url
  self.status = opts[:permanent] ? 301 : 302
  self.status = opts[:status] if opts[:status]
  self.body   = opts[:message] || "<div>You are being redirected to <a href='#{url}'>#{url}</a></div>"
  halt!
  return true
end

#redirected? ⇒ Boolean

Returns ture if the strategy redirected

Returns:

• (Boolean)

# File 'lib/merb-auth-core/strategy.rb', line 148

def redirected?
  !!headers["Location"]
end

#run! ⇒ Object

This is the method that is called as the test for authentication and is where you put your code.

You must overwrite this method in your strategy

Raises:

• (NotImplemented)

# File 'lib/merb-auth-core/strategy.rb', line 183

def run!
  raise NotImplemented
end

#session ⇒ Object

An alias to the request.session hash

# File 'lib/merb-auth-core/strategy.rb', line 126

def session
  request.session
end

#user_class ⇒ Object

Overwrite this method to scope a strategy to a particular user type you can use this with inheritance for example to try the same strategy on different user types

By default, Merb::Authentication.user_class is used. This method allows for particular strategies to deal with a different type of user class.

For example. If Merb::Authentication.user_class is Customer and you have a PasswordStrategy, you can subclass the PasswordStrategy and change this method to return Staff. Giving you a PasswordStrategy strategy for first Customer(s) and then Staff.

# File 'lib/merb-auth-core/strategy.rb', line 200

def user_class
  Merb::Authentication.user_class
end