Class: WEBrick::HTTPAuth::Htpasswd

Inherits:
Object
  • Object
show all
Includes:
UserDB
Defined in:
lib/webrick/httpauth/htpasswd.rb

Overview

Htpasswd accesses apache-compatible password files. Passwords are matched to a realm where they are valid. For security, the path for a password database should be stored outside of the paths available to the HTTP server.

Htpasswd is intended for use with WEBrick::HTTPAuth::BasicAuth.

To create an Htpasswd database with a single user:

htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file'
htpasswd.set_passwd 'my realm', 'username', 'password'
htpasswd.flush

Instance Attribute Summary

Attributes included from UserDB

#auth_type

Instance Method Summary collapse

Methods included from UserDB

#make_passwd

Constructor Details

#initialize(path) ⇒ Htpasswd

Open a password database at path



38
39
40
41
42
43
44
45
# File 'lib/webrick/httpauth/htpasswd.rb', line 38

def initialize(path)
  @path = path
  @mtime = Time.at(0)
  @passwd = Hash.new
  @auth_type = BasicAuth
  open(@path,"a").close unless File::exist?(@path)
  reload
end

Instance Method Details

#delete_passwd(realm, user) ⇒ Object

Removes a password from the database for user in realm.



111
112
113
# File 'lib/webrick/httpauth/htpasswd.rb', line 111

def delete_passwd(realm, user)
  @passwd.delete(user)
end

#eachObject

Iterate passwords in the database.



118
119
120
121
122
# File 'lib/webrick/httpauth/htpasswd.rb', line 118

def each # :yields: [user, password]
  @passwd.keys.sort.each{|user|
    yield([user, @passwd[user]])
  }
end

#flush(output = nil) ⇒ Object

Flush the password database. If output is given the database will be written there instead of to the original path.



77
78
79
80
81
82
83
84
85
86
87
88
89
90
# File 'lib/webrick/httpauth/htpasswd.rb', line 77

def flush(output=nil)
  output ||= @path
  tmp = Tempfile.create("htpasswd", File::dirname(output))
  renamed = false
  begin
    each{|item| tmp.puts(item.join(":")) }
    tmp.close
    File::rename(tmp.path, output)
    renamed = true
  ensure
    tmp.close if !tmp.closed?
    File.unlink(tmp.path) if !renamed
  end
end

#get_passwd(realm, user, reload_db) ⇒ Object

Retrieves a password from the database for user in realm. If reload_db is true the database will be reloaded first.



96
97
98
99
# File 'lib/webrick/httpauth/htpasswd.rb', line 96

def get_passwd(realm, user, reload_db)
  reload() if reload_db
  @passwd[user]
end

#reloadObject

Reload passwords from the database



50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
# File 'lib/webrick/httpauth/htpasswd.rb', line 50

def reload
  mtime = File::mtime(@path)
  if mtime > @mtime
    @passwd.clear
    open(@path){|io|
      while line = io.gets
        line.chomp!
        case line
        when %r!\A[^:]+:[a-zA-Z0-9./]{13}\z!
          user, pass = line.split(":")
        when /:\$/, /:{SHA}/
          raise NotImplementedError,
                'MD5, SHA1 .htpasswd file not supported'
        else
          raise StandardError, 'bad .htpasswd file'
        end
        @passwd[user] = pass
      end
    }
    @mtime = mtime
  end
end

#set_passwd(realm, user, pass) ⇒ Object

Sets a password in the database for user in realm to pass.



104
105
106
# File 'lib/webrick/httpauth/htpasswd.rb', line 104

def set_passwd(realm, user, pass)
  @passwd[user] = make_passwd(realm, user, pass)
end