Class: Warden::Proxy

Inherits:
Object
  • Object
show all
Extended by:
Forwardable
Includes:
Mixins::Common
Defined in:
lib/warden/proxy.rb,
lib/warden/errors.rb

Defined Under Namespace

Classes: Errors

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Mixins::Common

#params, #request, #reset_session!, #warden_cookies

Constructor Details

#initialize(env, manager) ⇒ Proxy

:nodoc:



20
21
22
23
24
25
26
# File 'lib/warden/proxy.rb', line 20

def initialize(env, manager) #:nodoc:
  @env, @users = env, {}
  @strategies  = Hash.new { |h,k| h[k] = {} }
  @manager, @config = manager, manager.config
  errors # setup the error object in the session
  manager._run_callbacks(:on_request, self)
end

Instance Attribute Details

#configObject (readonly)

An accessor to the rack env hash, the proxy owner and its config :api: public



12
13
14
# File 'lib/warden/proxy.rb', line 12

def config
  @config
end

#envObject (readonly)

An accessor to the rack env hash, the proxy owner and its config :api: public



12
13
14
# File 'lib/warden/proxy.rb', line 12

def env
  @env
end

#managerObject (readonly)

An accessor to the rack env hash, the proxy owner and its config :api: public



12
13
14
# File 'lib/warden/proxy.rb', line 12

def manager
  @manager
end

#winning_strategyObject

An accessor to the winning strategy :api: private



8
9
10
# File 'lib/warden/proxy.rb', line 8

def winning_strategy
  @winning_strategy
end

Instance Method Details

#authenticate(*args) ⇒ Object

Run the authentiation strategies for the given strategies. If there is already a user logged in for a given scope, the strategies are not run This does not halt the flow of control and is a passive attempt to authenticate only When scope is not specified, the default_scope is assumed.

Parameters:

args - a list of symbols (labels) that name the strategies to attempt
opts - an options hash that contains the :scope of the user to check

Example:

env['warden'].authenticate(:password, :basic, :scope => :sudo)

:api: public



76
77
78
79
# File 'lib/warden/proxy.rb', line 76

def authenticate(*args)
  user, opts = _perform_authentication(*args)
  user
end

#authenticate!(*args) ⇒ Object

The same as authenticate except on failure it will throw an :warden symbol causing the request to be halted and rendered through the failure_app

Example

env['warden'].authenticate!(:password, :scope => :publisher) # throws if it cannot authenticate

:api: public



99
100
101
102
103
# File 'lib/warden/proxy.rb', line 99

def authenticate!(*args)
  user, opts = _perform_authentication(*args)
  throw(:warden, opts) unless user
  user
end

#authenticate?(*args) ⇒ Boolean

Same API as authenticated, but returns a boolean instead of a user. The difference between this method (authenticate?) and authenticated? is that the former will run strategies if the user has not yet been authenticated, and the second relies on already performed ones. :api: public

Returns:

  • (Boolean)


86
87
88
89
90
# File 'lib/warden/proxy.rb', line 86

def authenticate?(*args)
  result = !!authenticate(*args)
  yield if result && block_given?
  result
end

#authenticated?(scope = @config.default_scope) ⇒ Boolean

Check to see if there is an authenticated user for the given scope. This brings the user from the session, but does not run strategies before doing so. If you want strategies to be run, please check authenticate?.

Parameters:

scope - the scope to check for authentication. Defaults to default_scope

Example:

env['warden'].authenticated?(:admin)

:api: public

Returns:

  • (Boolean)


116
117
118
119
120
# File 'lib/warden/proxy.rb', line 116

def authenticated?(scope = @config.default_scope)
  result = !!user(scope)
  yield if block_given? && result
  result
end

#clear_strategies_cache!(*args) ⇒ Object

Clear the cache of performed strategies so far. It has the same API as authenticate, allowing you to clear an specific strategies for given scope:

Parameters:

args - a list of symbols (labels) that name the strategies to attempt
opts - an options hash that contains the :scope of the user to check

Example:

# Clear all strategies for the configured default_scope
env['warden'].clear_strategies_cache!

# Clear all strategies for the :admin scope
env['warden'].clear_strategies_cache!(:scope => :admin)

# Clear password strategy for the :admin scope
env['warden'].clear_strategies_cache!(:password, :scope => :admin)

:api: public



55
56
57
58
59
60
61
# File 'lib/warden/proxy.rb', line 55

def clear_strategies_cache!(*args)
  scope, opts = _retrieve_scope_and_opts(args)

  @strategies[scope].each do |k, v|
    v.clear! if args.empty? || args.include?(k)
  end
end

#custom_failure!Object

Provides a way to return a 401 without warden defering to the failure app The result is a direct passthrough of your own response :api: public



231
232
233
# File 'lib/warden/proxy.rb', line 231

def custom_failure!
  @custom_failure = true
end

#custom_failure?Boolean

Check to see if the custom failur flag has been set :api: public

Returns:

  • (Boolean)


237
238
239
# File 'lib/warden/proxy.rb', line 237

def custom_failure?
  !!@custom_failure
end

#errorsObject

:api: public



5
6
7
# File 'lib/warden/errors.rb', line 5

def errors
  @env['warden.errors'] ||= Errors.new
end

#logout(*scopes) ⇒ Object

Provides logout functionality. The logout also manages any authenticated data storage and clears it when a user logs out.

Parameters:

scopes - a list of scopes to logout

Example:

# Logout everyone and clear the session
env['warden'].logout

# Logout the default user but leave the rest of the session alone
env['warden'].logout(:default)

# Logout the :publisher and :admin user
env['warden'].logout(:publisher, :admin)

:api: public



199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
# File 'lib/warden/proxy.rb', line 199

def logout(*scopes)
  if scopes.empty?
    scopes = @users.keys
    reset_session = true
  end

  scopes.each do |scope|
    user = @users.delete(scope)
    manager._run_callbacks(:before_logout, user, self, :scope => scope)

    raw_session.delete("warden.user.#{scope}.session")
    session_serializer.delete(scope, user)
  end

  reset_session! if reset_session
end

#messageObject

Proxy through to the authentication strategy to find out the message that was generated. :api: public



224
225
226
# File 'lib/warden/proxy.rb', line 224

def message
  winning_strategy && winning_strategy.message
end

#resultObject

proxy methods through to the winning strategy :api: private



218
219
220
# File 'lib/warden/proxy.rb', line 218

def result # :nodoc:
  winning_strategy && winning_strategy.result
end

#session(scope = @config.default_scope) ⇒ Object

Provides a scoped session data for authenticated users. Warden manages clearing out this data when a user logs out

Example

# default scope
env['warden'].session[:foo] = "bar"

# :sudo scope
env['warden'].session(:sudo)[:foo] = "bar"

:api: public

Raises:



177
178
179
180
# File 'lib/warden/proxy.rb', line 177

def session(scope = @config.default_scope)
  raise NotAuthenticated, "#{scope.inspect} user is not logged in" unless authenticated?(scope)
  raw_session["warden.user.#{scope}.session"] ||= {}
end

#session_serializerObject

Points to a SessionSerializer instance responsible for handling everything related with storing, fetching and removing the user session. :api: public



32
33
34
# File 'lib/warden/proxy.rb', line 32

def session_serializer
  @session_serializer ||= Warden::SessionSerializer.new(@env)
end

#set_user(user, opts = {}) ⇒ Object

Manually set the user into the session and auth proxy

Parameters:

user - An object that has been setup to serialize into and out of the session.
opts - An options hash.  Use the :scope option to set the scope of the user, set the :store option to false to skip serializing into the session.

:api: public



137
138
139
140
141
142
143
144
145
146
147
# File 'lib/warden/proxy.rb', line 137

def set_user(user, opts = {})
  return unless user
  scope = (opts[:scope] ||= @config.default_scope)

  @users[scope] = user
  session_serializer.store(user, scope) unless opts[:store] == false

  opts[:event] ||= :set_user
  manager._run_callbacks(:after_set_user, user, self, opts)
  user
end

#unauthenticated?(scope = @config.default_scope) ⇒ Boolean

Same API as authenticated?, but returns false when authenticated. :api: public

Returns:

  • (Boolean)


124
125
126
127
128
# File 'lib/warden/proxy.rb', line 124

def unauthenticated?(scope = @config.default_scope)
  result = !authenticated?(scope)
  yield if block_given? && result
  result
end

#user(scope = @config.default_scope) ⇒ Object

Provides acccess to the user object in a given scope for a request. Will be nil if not logged in. Please notice that this method does not perform strategies.

Example:

# without scope (default user)
env['warden'].user

# with scope
env['warden'].user(:admin)

:api: public



161
162
163
164
# File 'lib/warden/proxy.rb', line 161

def user(scope = @config.default_scope)
  @users[scope] ||= set_user(session_serializer.fetch(scope),
                             :scope => scope, :event => :fetch)
end