Module: CloudCrowd::Helpers::Authorization

Included in:

CloudCrowd::Helpers

Defined in:

lib/cloud_crowd/helpers/authorization.rb

Overview

Authorization takes after sinatra-authorization… See github.com/integrity/sinatra-authorization for the original.

Instance Method Summary

• #auth ⇒ Object private

  Provide a Rack Authorization object.

• #authorize(login, password) ⇒ Object

  A request is authorized if its login and password match those stored in config.yml, or if authentication is disabled.

• #authorized? ⇒ Boolean

  Has the request been authenticated?.

• #bad_request! ⇒ Object private
• #login_required ⇒ Object

  Ensure that the request includes the correct credentials.

• #unauthorized!(realm = Server.authorization_realm) ⇒ Object private

  Unauthorized requests will prompt the browser to provide credentials.

Instance Method Details

#auth ⇒ Object (private)

Provide a Rack Authorization object.

# File 'lib/cloud_crowd/helpers/authorization.rb', line 37

def auth
  @auth ||= Rack::Auth::Basic::Request.new(request.env)
end

#authorize(login, password) ⇒ Object

A request is authorized if its login and password match those stored in config.yml, or if authentication is disabled. If authentication is turned on, then every request is authenticated, including between the nodes and the central server.

# File 'lib/cloud_crowd/helpers/authorization.rb', line 27

def authorize(login, password)
  return true unless CloudCrowd.config[:http_authentication]
  return CloudCrowd.config[:login] == login &&
         CloudCrowd.config[:password] == password
end

#authorized? ⇒ Boolean

Has the request been authenticated?

Returns:

• (Boolean)

# File 'lib/cloud_crowd/helpers/authorization.rb', line 19

def authorized?
  !!request.env['REMOTE_USER']
end

#bad_request! ⇒ Object (private)

# File 'lib/cloud_crowd/helpers/authorization.rb', line 47

def bad_request!
  halt 400, 'Bad Request'
end

#login_required ⇒ Object

Ensure that the request includes the correct credentials.

# File 'lib/cloud_crowd/helpers/authorization.rb', line 10

def login_required
  return if authorized?
  unauthorized! unless auth.provided?
  bad_request!  unless auth.basic?
  unauthorized! unless authorize(*auth.credentials)
  request.env['REMOTE_USER'] = auth.username
end

#unauthorized!(realm = Server.authorization_realm) ⇒ Object (private)

Unauthorized requests will prompt the browser to provide credentials.

# File 'lib/cloud_crowd/helpers/authorization.rb', line 42

def unauthorized!(realm = Server.authorization_realm)
  response['WWW-Authenticate'] = "Basic realm=\"#{realm}\""
  halt 401, 'Authorization Required'
end