Class: WEBrick::HTTPAuth::Htpasswd

Inherits:
Object
  • Object
show all
Includes:
UserDB
Defined in:
lib/webrick/httpauth/htpasswd.rb

Overview

Htpasswd accesses apache-compatible password files. Passwords are matched to a realm where they are valid. For security, the path for a password database should be stored outside of the paths available to the HTTP server.

Htpasswd is intended for use with WEBrick::HTTPAuth::BasicAuth.

To create an Htpasswd database with a single user:

htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file'
htpasswd.set_passwd 'my realm', 'username', 'password'
htpasswd.flush

Instance Attribute Summary

Attributes included from UserDB

#auth_type

Instance Method Summary collapse

Methods included from UserDB

#make_passwd

Constructor Details

#initialize(path) ⇒ Htpasswd

Open a password database at path


37
38
39
40
41
42
43
44
# File 'lib/webrick/httpauth/htpasswd.rb', line 37

def initialize(path)
  @path = path
  @mtime = Time.at(0)
  @passwd = Hash.new
  @auth_type = BasicAuth
  open(@path,"a").close unless File::exist?(@path)
  reload
end

Instance Method Details

#delete_passwd(realm, user) ⇒ Object

Removes a password from the database for user in realm.


110
111
112
# File 'lib/webrick/httpauth/htpasswd.rb', line 110

def delete_passwd(realm, user)
  @passwd.delete(user)
end

#eachObject

Iterate passwords in the database.


117
118
119
120
121
# File 'lib/webrick/httpauth/htpasswd.rb', line 117

def each # :yields: [user, password]
  @passwd.keys.sort.each{|user|
    yield([user, @passwd[user]])
  }
end

#flush(output = nil) ⇒ Object

Flush the password database. If output is given the database will be written there instead of to the original path.


76
77
78
79
80
81
82
83
84
85
86
87
88
89
# File 'lib/webrick/httpauth/htpasswd.rb', line 76

def flush(output=nil)
  output ||= @path
  tmp = Tempfile.create("htpasswd", File::dirname(output))
  renamed = false
  begin
    each{|item| tmp.puts(item.join(":")) }
    tmp.close
    File::rename(tmp.path, output)
    renamed = true
  ensure
    tmp.close if !tmp.closed?
    File.unlink(tmp.path) if !renamed
  end
end

#get_passwd(realm, user, reload_db) ⇒ Object

Retrieves a password from the database for user in realm. If reload_db is true the database will be reloaded first.


95
96
97
98
# File 'lib/webrick/httpauth/htpasswd.rb', line 95

def get_passwd(realm, user, reload_db)
  reload() if reload_db
  @passwd[user]
end

#reloadObject

Reload passwords from the database


49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# File 'lib/webrick/httpauth/htpasswd.rb', line 49

def reload
  mtime = File::mtime(@path)
  if mtime > @mtime
    @passwd.clear
    open(@path){|io|
      while line = io.gets
        line.chomp!
        case line
        when %r!\A[^:]+:[a-zA-Z0-9./]{13}\z!
          user, pass = line.split(":")
        when /:\$/, /:{SHA}/
          raise NotImplementedError,
                'MD5, SHA1 .htpasswd file not supported'
        else
          raise StandardError, 'bad .htpasswd file'
        end
        @passwd[user] = pass
      end
    }
    @mtime = mtime
  end
end

#set_passwd(realm, user, pass) ⇒ Object

Sets a password in the database for user in realm to pass.


103
104
105
# File 'lib/webrick/httpauth/htpasswd.rb', line 103

def set_passwd(realm, user, pass)
  @passwd[user] = make_passwd(realm, user, pass)
end