Class: ProxES::Middleware::Security
- Inherits:
-
Object
- Object
- ProxES::Middleware::Security
- Includes:
- Ditty::Helpers::Authentication, Ditty::Helpers::Pundit, Ditty::Helpers::Wisper
- Defined in:
- lib/proxes/middleware/security.rb
Instance Attribute Summary
-
#env ⇒ Object
readonly
Returns the value of attribute env.
-
#logger ⇒ Object
readonly
Returns the value of attribute logger.
Instance Method Summary
- #authorize(request) ⇒ Object
- #call(env) ⇒ Object
- #check_basic(request) ⇒ Object
-
#initialize(app, logger = nil) ⇒ Security
constructor
A new instance of Security.
- #log(request, stage) ⇒ Object
Constructor Details
Instance Attribute Details
#env ⇒ Object (readonly)
Returns the value of attribute env.
# File 'lib/proxes/middleware/security.rb', line 12
#
# Read-only accessor for the @env instance variable.
#
# #call assigns @env to the Rack environment of the request it is handling,
# so the value seen here is whatever request most recently entered #call on
# this instance.
#
# @return [Object] the stored environment, or nil before the first #call
def env
  @env
end
#logger ⇒ Object (readonly)
Returns the value of attribute logger.
# File 'lib/proxes/middleware/security.rb', line 12
#
# Read-only accessor for the @logger instance variable.
#
# #log sends its debug lines to this object. The assignment itself is not
# visible in this listing; presumably the constructor stores its optional
# `logger` argument here -- confirm against #initialize.
#
# @return [Object] the stored logger
def logger
  @logger
end
Instance Method Details
#authorize(request) ⇒ Object
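# File 'lib/proxes/middleware/security.rb', line 48
#
# Asks Pundit whether the request's user may perform this request.
#
# The policy predicate is derived from the HTTP verb: the request method is
# lower-cased and suffixed with '?', so a GET is checked with `get?`.
# Pundit.authorize raises Pundit::NotAuthorizedError when the predicate
# returns a falsy value; nothing here rescues it, so a denial propagates to
# the caller.
#
# NOTE(review): the verb is client-controlled. A verb for which the resolved
# policy defines no predicate would surface as an error rather than a clean
# denial -- confirm the policies cover (or an earlier layer rejects) every
# verb the proxy accepts.
#
# @param request [#user, #request_method] the request being authorized
# @return [Object] whatever Pundit.authorize returns on success
# @raise [Pundit::NotAuthorizedError] when the policy denies the request
def authorize(request)
  Pundit.authorize(request.user, request, request.request_method.downcase + '?')
end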
#call(env) ⇒ Object
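# File 'lib/proxes/middleware/security.rb', line 23
#
# Rack entry point: authenticates, authorizes and scopes the request before
# handing it to the next application in the stack.
#
# Steps, in order:
#   1. wrap the Rack env in a ProxES::Request
#   2. try HTTP Basic authentication (check_basic)
#   3. authorize the request against its policy (authorize)
#   4. for index requests, replace request.index with the policy scope
#   5. forward the env to @app
#
# check_basic's return value is intentionally not inspected: a request
# without valid Basic credentials simply continues, and access is decided by
# authorize, which raises on denial. Any exception raised before the final
# line means @app is never called.
#
# NOTE(review): @env is per-request state kept on the middleware instance.
# If one instance serves concurrent requests (the usual Rack arrangement on
# a threaded server), helpers that read `env` could observe another
# request's environment -- confirm the deployment model or that the helpers
# do not depend on it.
#
# @param env [Hash] the Rack environment
# @return [Object] the downstream application's response
def call(env)
  @env = env
  request = ProxES::Request.from_env(env)

  log(request, 'BEFORE')
  check_basic request
  authorize request
  # Only requests that address indices are narrowed; policy_scope is
  # presumably supplied by the included Pundit helper.
  request.index = policy_scope(request) if request.indices?
  log(request, 'AFTER')

  @app.call env
end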
#check_basic(request) ⇒ Object
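# File 'lib/proxes/middleware/security.rb', line 37
#
# Attempts HTTP Basic authentication and, on success, records the
# authenticated user's id in the Rack session.
#
# The username is looked up as sent first; only when that finds nothing is a
# URL-decoded form tried, so a literal match always takes precedence.
#
# Malformed credentials (an empty payload, or one without a ':' separator)
# leave the username or password nil. They are rejected up front so that
# unauthenticated input cannot reach the identity lookup with a nil username
# or raise inside CGI.unescape.
#
# NOTE(review): the user id is written into whatever session is present. If
# a cookie-backed session sits in front of this middleware, one successful
# Basic-auth request yields a session that outlives it -- confirm that is
# intended. No attempt limiting is visible in this method; verify it is
# enforced elsewhere.
#
# @param request [#env] request whose env carries the Authorization header
# @return [false] when no usable Basic credentials were supplied or they
#   did not match an identity
# @return [Object] the identity's user_id when authentication succeeded
def check_basic(request)
  auth = Rack::Auth::Basic::Request.new(request.env)
  return false unless auth.provided? && auth.basic?

  username, password = auth.credentials
  return false if username.nil? || password.nil?

  identity = ::Ditty::Identity.find(username: username)
  identity ||= ::Ditty::Identity.find(username: CGI.unescape(username))
  return false unless identity && identity.authenticate(password)

  request.env['rack.session'] ||= {}
  request.env['rack.session']['user_id'] = identity.user_id
end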
#log(request, stage) ⇒ Object
# File 'lib/proxes/middleware/security.rb', line 52
#
# Emits a four-line framed block at debug level describing the request at
# one stage of processing: a header carrying the stage label, the request
# detail, the request endpoint, and a closing rule.
#
# Padding uses ljust, which never truncates, so a long detail or endpoint
# widens its line instead of being cut.
#
# NOTE(review): detail and endpoint are presumably derived from the incoming
# request and are written as-is. If they can contain line breaks or
# sensitive values, they should be sanitised before debug logging is enabled
# in production -- confirm what ProxES::Request#detail returns.
#
# @param request [#detail, #endpoint] the request being processed
# @param stage [String] label placed in the header line
# @return [Object] the result of the final logger.debug call
def log(request, stage)
  framed = ->(text) { "= #{text.ljust(76)} =" }

  logger.debug "============#{stage.ljust(56)}============"
  logger.debug framed.call("Request: #{request.detail}")
  logger.debug framed.call("Endpoint: #{request.endpoint}")
  logger.debug '================================================================================'
end