Module: Sinatra::Authorization

Defined in:
lib/sinatra/ditties/authorization.rb

Overview

HTTP Authorization helpers for Sinatra.

In your helpers module, include Sinatra::Authorization and then define an #authorize(user, password) method to handle user provided credentials.

Inside your events, call #login_required to trigger the HTTP Authorization window to pop up in the browser.

Code adapted from Ryan Tomayko and Christopher Schneid, shared under an MIT License

Instance Method Summary collapse

Instance Method Details

#authorization_realmObject

From you app, call set :authorization_realm, “my app” to set this or define a #authorization_realm method in your helpers block.



22
23
24
# File 'lib/sinatra/ditties/authorization.rb', line 22

def authorization_realm
  Sinatra::Default.authorization_realm
end

#authorize(username, password) ⇒ Object

Redefine this method on your helpers block to actually contain your authorization logic.



16
17
18
# File 'lib/sinatra/ditties/authorization.rb', line 16

def authorize(username, password)
  false
end

#authorized?Boolean Also known as: logged_in?

Convenience method to determine if a user is logged in

Returns:

  • (Boolean)


36
37
38
# File 'lib/sinatra/ditties/authorization.rb', line 36

def authorized?
  !!request.env['REMOTE_USER']
end

#current_userObject

Name provided by the current user to log in



42
43
44
# File 'lib/sinatra/ditties/authorization.rb', line 42

def current_user
  request.env['REMOTE_USER']
end

#login_requiredObject

Call in any event that requires authentication



27
28
29
30
31
32
33
# File 'lib/sinatra/ditties/authorization.rb', line 27

def 
  return if authorized?
  unauthorized! unless auth.provided?
  bad_request!  unless auth.basic?
  unauthorized! unless authorize(*auth.credentials)
  request.env['REMOTE_USER'] = auth.username
end