Module: Strelka::HTTPRequest::Auth

Includes:

Constants

Defined in:

lib/strelka/httprequest/auth.rb

Overview

The mixin that adds methods to Strelka::HTTPRequest for authentication/authorization.

Instance Attribute Summary

• #auth_provider ⇒ Object

  The Strelka::AuthProvider the app uses for authentication (if any).

• #authenticated_user ⇒ Object (also: #authenticated?)

  The current session namespace.

Instance Method Summary

• #authenticate(options = {}, &block) ⇒ Object

  Try to authenticate the request using the specified block.

• #authorize(*perms, &block) ⇒ Object

  Try to check authorization using the specified block.

• #initialize ⇒ Object

  Extension callback – add instance variables to extended objects.

Instance Attribute Details

#auth_provider ⇒ Object

The Strelka::AuthProvider the app uses for authentication (if any)

# File 'lib/strelka/httprequest/auth.rb', line 32

def auth_provider
  @auth_provider
end

#authenticated_user ⇒ Object Also known as: authenticated?

The current session namespace

# File 'lib/strelka/httprequest/auth.rb', line 28

def authenticated_user
  @authenticated_user
end

Instance Method Details

#authenticate(options = {}, &block) ⇒ Object

Try to authenticate the request using the specified block. If a block is not provided, the #authenticate method of the app’s AuthProvider is used instead.

Valid options are:

:optional

if this is set to a true value, don’t throw a 401 Requires Authentication if the authentication fails.

# File 'lib/strelka/httprequest/auth.rb', line 43

def authenticate( options={}, &block )
	block ||= self.auth_provider.method( :authenticate )
	result = block.call( self )

	finish_with( HTTP::UNAUTHORIZED, "Authorization failed" ) unless result || options[:optional]
	self.authenticated_user = result

	return result
end

#authorize(*perms, &block) ⇒ Object

Try to check authorization using the specified block. If a block is not provided, the #authorize method of the app’s AuthProvider is used instead. If the request doesn’t already have an authenticated_user set, #authenticate will be called with no arguments to try to provide one. The provided perms are passed either to the block or the AuthProvider if no block is given. If successful, the authenticated user that was used is returned.

# File 'lib/strelka/httprequest/auth.rb', line 60

def authorize( *perms, &block )
	if block
		results = block.call or
			finish_with( HTTP::FORBIDDEN, "You are not authorized to access this resource." )
		return results
	else
		self.log.debug "Deferred authorization via %p" % [ self.auth_provider ]
		credentials = self.authenticated_user || self.authenticate
		self.auth_provider.authorize( credentials, self, perms )
		return credentials
	end
end

#initialize ⇒ Object

Extension callback – add instance variables to extended objects.

# File 'lib/strelka/httprequest/auth.rb', line 16

def initialize( * )
	super
	@auth_provider = nil
	@authenticated_user = nil
end