Class: ProxES::Middleware::Security

Inherits:

Object

• Object
• ProxES::Middleware::Security

Includes:

Ditty::Helpers::Authentication, Ditty::Helpers::Pundit, Ditty::Helpers::Wisper

Defined in:

lib/proxes/middleware/security.rb

Instance Attribute Summary

• #env ⇒ Object readonly

  Returns the value of attribute env.

• #logger ⇒ Object readonly

  Returns the value of attribute logger.

Instance Method Summary

• #authorize(request) ⇒ Object
• #call(env) ⇒ Object
• #check_basic(request) ⇒ Object
• #initialize(app, logger = nil) ⇒ Security constructor

  A new instance of Security.

• #log(request, stage) ⇒ Object

Constructor Details

#initialize(app, logger = nil) ⇒ Security

Returns a new instance of Security.

# File 'lib/proxes/middleware/security.rb', line 18

def initialize(app, logger = nil)
  @app = app
  @logger = logger || ::Ditty::Services::Logger.instance
end

Instance Attribute Details

#env ⇒ Object (readonly)

Returns the value of attribute env.

# File 'lib/proxes/middleware/security.rb', line 12

def env
  @env
end

#logger ⇒ Object (readonly)

Returns the value of attribute logger.

# File 'lib/proxes/middleware/security.rb', line 12

def logger
  @logger
end

Instance Method Details

#authorize(request) ⇒ Object

# File 'lib/proxes/middleware/security.rb', line 48

def authorize(request)
  Pundit.authorize(request.user, request, request.request_method.downcase + '?')
end

#call(env) ⇒ Object

# File 'lib/proxes/middleware/security.rb', line 23

def call(env)
  @env = env
  request = ProxES::Request.from_env(env)
  log(request, 'BEFORE')

  check_basic request
  authorize request

  request.index = policy_scope(request) if request.indices?
  log(request, 'AFTER')

  @app.call env
end

#check_basic(request) ⇒ Object

# File 'lib/proxes/middleware/security.rb', line 37

def check_basic(request)
  auth = Rack::Auth::Basic::Request.new(request.env)
  return false unless auth.provided? && auth.basic?

  identity = ::Ditty::Identity.find(username: auth.credentials[0])
  identity ||= ::Ditty::Identity.find(username: CGI.unescape(auth.credentials[0]))
  return false unless identity && identity.authenticate(auth.credentials[1])
  request.env['rack.session'] ||= {}
  request.env['rack.session']['user_id'] = identity.user_id
end

#log(request, stage) ⇒ Object

# File 'lib/proxes/middleware/security.rb', line 52

def log(request, stage)
  logger.debug '============' + stage.ljust(56) + '============'
  logger.debug '= ' + "Request: #{request.detail}".ljust(76) + ' ='
  logger.debug '= ' + "Endpoint: #{request.endpoint}".ljust(76) + ' ='
  logger.debug '================================================================================'
end