Module: CloudCrowd::Helpers::Authorization

Included in:
CloudCrowd::Helpers
Defined in:
lib/cloud_crowd/helpers/authorization.rb

Overview

Authorization takes after sinatra-authorization… See github.com/integrity/sinatra-authorization for the original.

Instance Method Summary (collapse)

Instance Method Details

- (Object) auth (private)

Provide a Rack Authorization object.



37
38
39
# File 'lib/cloud_crowd/helpers/authorization.rb', line 37

def auth
  @auth ||= Rack::Auth::Basic::Request.new(request.env)
end

- (Object) authorize(login, password)

A request is authorized if its login and password match those stored in config.yml, or if authentication is disabled. If authentication is turned on, then every request is authenticated, including between the nodes and the central server.



27
28
29
30
31
# File 'lib/cloud_crowd/helpers/authorization.rb', line 27

def authorize(login, password)
  return true unless CloudCrowd.config[:http_authentication]
  return CloudCrowd.config[:login] == login &&
         CloudCrowd.config[:password] == password
end

- (Boolean) authorized?

Has the request been authenticated?



19
20
21
# File 'lib/cloud_crowd/helpers/authorization.rb', line 19

def authorized?
  !!request.env['REMOTE_USER']
end

- (Object) bad_request! (private)



47
48
49
# File 'lib/cloud_crowd/helpers/authorization.rb', line 47

def bad_request!
  halt 400, 'Bad Request'
end

- (Object) login_required

Ensure that the request includes the correct credentials.



10
11
12
13
14
15
16
# File 'lib/cloud_crowd/helpers/authorization.rb', line 10

def login_required
  return if authorized?
  unauthorized! unless auth.provided?
  bad_request!  unless auth.basic?
  unauthorized! unless authorize(*auth.credentials)
  request.env['REMOTE_USER'] = auth.username
end

- (Object) unauthorized!(realm = Server.authorization_realm) (private)

Unauthorized requests will prompt the browser to provide credentials.



42
43
44
45
# File 'lib/cloud_crowd/helpers/authorization.rb', line 42

def unauthorized!(realm = Server.authorization_realm)
  response['WWW-Authenticate'] = "Basic realm=\"#{realm}\""
  halt 401, 'Authorization Required'
end