module Rails::Auth::ConfigBuilder

Configures Rails::Auth middleware for use in a Rails application

Public Instance Methods

application(config, acl_file: Rails.root.join("config/acl.yml"), matchers: {}) click to toggle source

Application-level configuration (i.e. config/application.rb)

# File lib/rails/auth/config_builder.rb, line 10
def application(config, acl_file: Rails.root.join("config/acl.yml"), matchers: {})
  config.x.rails_auth.acl = Rails::Auth::ACL.from_yaml(
    File.read(acl_file.to_s),
    matchers: matchers
  )

  config.middleware.use Rails::Auth::ACL::Middleware, acl: config.x.rails_auth.acl
end
development(config, development_credentials: {}, error_page: :debug) click to toggle source

Development configuration (i.e. config/environments/development.rb)

# File lib/rails/auth/config_builder.rb, line 20
def development(config, development_credentials: {}, error_page: :debug)
  error_page_middleware(config, error_page)
  credential_injector_middleware(config, development_credentials) unless development_credentials.empty?
end
production( config, cert_filters: nil, error_page: Rails.root.join("public/403.html"), monitor: nil ) click to toggle source
# File lib/rails/auth/config_builder.rb, line 31
def production(
  config,
  cert_filters: nil,
  error_page: Rails.root.join("public/403.html"),
  monitor: nil
)
  error_page_middleware(config, error_page)

  if cert_filters
    config.middleware.insert_before Rails::Auth::ACL::Middleware,
                                    Rails::Auth::X509::Middleware,
                                    cert_filters: cert_filters,
                                    logger:       Rails.logger
  end

  return unless monitor

  config.middleware.insert_before Rails::Auth::ACL::Middleware,
                                  Rails::Auth::Monitor::Middleware,
                                  monitor
end
test(config) click to toggle source

Test configuration (i.e. config/environments/test.rb)

# File lib/rails/auth/config_builder.rb, line 26
def test(config)
  # Simulated credentials to be injected with InjectorMiddleware
  credential_injector_middleware(config, config.x.rails_auth.test_credentials ||= {})
end

Private Instance Methods

credential_injector_middleware(config, credentials) click to toggle source

Adds Rails::Auth::Credentials::InjectorMiddleware to the chain with the given credentials

# File lib/rails/auth/config_builder.rb, line 73
def credential_injector_middleware(config, credentials)
  config.middleware.insert_before Rails::Auth::ACL::Middleware,
                                  Rails::Auth::Credentials::InjectorMiddleware,
                                  credentials
end
error_page_middleware(config, error_page) click to toggle source

Adds error page middleware to the chain

# File lib/rails/auth/config_builder.rb, line 56
def error_page_middleware(config, error_page)
  case error_page
  when :debug
    config.middleware.insert_before Rails::Auth::ACL::Middleware,
                                    Rails::Auth::ErrorPage::DebugMiddleware,
                                    acl: config.x.rails_auth.acl
  when Pathname, String
    config.middleware.insert_before Rails::Auth::ACL::Middleware,
                                    Rails::Auth::ErrorPage::Middleware,
                                    page_body: Pathname(error_page).read
  when FalseClass, NilClass
    nil
  else raise TypeError, "bad error page mode: #{mode.inspect}"
  end
end