class ProxES::Middleware::Security

Attributes

logger[R]

Public Class Methods

new(app, logger = nil)
# File lib/proxes/middleware/security.rb, line 14
# Rack middleware that authenticates and authorizes requests before they
# reach the wrapped application.
#
# @param app [#call] the next Rack application in the chain
# @param logger [#debug, nil] sink for the request trace written by +log+;
#   when nil (or otherwise falsy) ::Ditty::Services::Logger is used instead
def initialize(app, logger = nil)
  @app = app
  @logger = logger
  @logger ||= ::Ditty::Services::Logger
end

Public Instance Methods

authorize(request)
# File lib/proxes/middleware/security.rb, line 44
# Runs the Pundit policy predicate named after the request's HTTP verb
# (+get?+ for GET, +delete?+ for DELETE, ...). Pundit.authorize raises
# Pundit::NotAuthorizedError when the policy denies the query, so returning
# at all means the request was permitted.
#
# NOTE(review): the predicate name is derived straight from the verb, so a
# verb the policy defines no predicate for surfaces as a NoMethodError from
# the policy rather than as a denial — confirm the policy covers every verb
# the proxy accepts.
#
# @param request [ProxES::Request] supplies +user+ and +request_method+
# @return the record Pundit hands back for an authorized request
def authorize(request)
  query = "#{request.request_method.downcase}?"
  Pundit.authorize(request.user, request, query)
end
call(env)
# File lib/proxes/middleware/security.rb, line 19
# Rack entry point: wraps the env in a ProxES::Request, authenticates HTTP
# Basic credentials when present, authorizes the verb against the Pundit
# policy, narrows any requested indices to the policy scope, and then hands
# the env to the wrapped application.
#
# @param env [Hash] the Rack environment
# @return whatever the downstream application returns for +env+
def call(env)
  request = ProxES::Request.from_env(env)
  log(request, 'BEFORE')

  check_basic(request)
  authorize(request)
  # Only requests that name indices have their index list replaced by the
  # policy scope; authorize is expected to have raised already for anything
  # the policy denies outright.
  if request.indices?
    request.index = policy_scope(request)
  end

  log(request, 'AFTER')
  @app.call(env)
end
check_basic(request)
# File lib/proxes/middleware/security.rb, line 32
# Authenticates an HTTP Basic credential pair, if the request carries one,
# and records the matching user in the Rack session.
#
# The username is looked up as sent first and, failing that, after
# CGI-unescaping it, so a percent-encoded form of a username is accepted as
# equivalent to the plain one.
#
# @param request [#env] the request whose Rack env holds the headers
# @return [false] when no Basic credentials were sent, no identity matches
#   the username, or the password does not verify
# @return [Object] the identity's +user_id+, as stored in the session
def check_basic(request)
  auth = Rack::Auth::Basic::Request.new(request.env)
  return false unless auth.provided? && auth.basic?

  username, password = auth.credentials
  identity = ::Ditty::Identity.find(username: username) ||
             ::Ditty::Identity.find(username: CGI.unescape(username))
  return false unless identity&.authenticate(password)

  # Create the session hash if no session middleware supplied one.
  session = (request.env['rack.session'] ||= {})
  session['user_id'] = identity.user_id
end
log(request, stage)
# File lib/proxes/middleware/security.rb, line 52
# Writes a boxed, fixed-width trace of the request to the debug log:
# a header carrying +stage+, one line each for the request detail and the
# endpoint, and a closing rule.
#
# @param request [#detail, #endpoint] the request being traced
# @param stage [String] header label, e.g. 'BEFORE' or 'AFTER'
# @param logger is read via the +logger+ attribute reader
def log(request, stage)
  rule = '============'
  logger.debug "#{rule}#{stage.ljust(56)}#{rule}"
  logger.debug "= #{"Request: #{request.detail}".ljust(76)} ="
  logger.debug "= #{"Endpoint: #{request.endpoint}".ljust(76)} ="
  logger.debug '================================================================================'
end
policy_scope(request)
# File lib/proxes/middleware/security.rb, line 48
# Resolves the Pundit policy scope for the request's user; +call+ uses the
# result to replace the indices a request asked for.
#
# @param request [ProxES::Request] supplies +user+ and is the scoped record
# @return whatever the policy's Scope resolves to for this user and request
def policy_scope(request)
  user = request.user
  Pundit.policy_scope(user, request)
end