class Wallaby::Configuration::Security

Security configuration TODO: remove this from 6.2

Constants

DEFAULT_AUTHENTICATE

Default block to return nil

DEFAULT_CURRENT_USER

Default block to return nil for current user

Attributes

email_method[RW]

@!attribute email_method To globally configure the method on {#current_user} to retrieve email address.

If no configuration is given, it will attempt to call `email` on {#current_user}. @example To update the email method in `config/initializers/wallaby.rb`

Wallaby.config do |config|
  config.security.email_method = 'email_address'
end

@since wallaby-5.1.4

logout_method[RW]

@!attribute logout_method To globally configure the logout HTTP method.

Wallaby does not implement any authentication (e.g. login/logout), therefore, logout method will be required so that Wallaby knows how navigate the user via what HTTP method when user clicks the logout button.

But once it detects `Devise`, it will use the HTTP method that Devise uses without the need of configuration. @example To update the logout method in `config/initializers/wallaby.rb`

Wallaby.config do |config|
  config.security.logout_method = 'post'
end

@since wallaby-5.1.4

logout_path[RW]

@!attribute logout_path To globally configure the logout path.

Wallaby does not implement any authentication (e.g. login/logout), therefore, logout path will be required so that Wallaby knows where to navigate the user to when user clicks the logout button.

But once it detects `Devise`, it will use the path that Devise uses without the need of configuration. @example To update the logout path in `config/initializers/wallaby.rb`

Wallaby.config do |config|
  config.security.logout_path = 'logout_path'
end

@since wallaby-5.1.4

Public Instance Methods

authenticate(&block) click to toggle source

To globally configure how to authenicate a user. @example

Wallaby.config do |config|
  config.security.authenticate do
    authenticate_or_request_with_http_basic do |username, password|
      username == 'too_simple' && password == 'too_naive'
    end
  end
end

@yield A block to authenticate user. All application controller methods can be used in the block.

# File lib/wallaby/configuration/security.rb, line 85
def authenticate(&block)
  Logger.deprecated 'Wallaby will remove security.authenticate from 6.2.'
  if block_given?
    @authenticate = block
  else
    @authenticate ||= DEFAULT_AUTHENTICATE
  end
end
authenticate?() click to toggle source

Check if {#authenticate} configuration is set. @return [Boolean]

# File lib/wallaby/configuration/security.rb, line 96
def authenticate?
  authenticate != DEFAULT_AUTHENTICATE
end
current_user(&block) click to toggle source

To globally configure how to get user object. @example To update how to get the current user object in `config/initializers/wallaby.rb`

Wallaby.config do |config|
  config.security.current_user do
    User.find_by_email session[:user_email]
  end
end

@yield A block to get user object. All application controller methods can be used in the block.

# File lib/wallaby/configuration/security.rb, line 60
def current_user(&block)
  Logger.deprecated 'Wallaby will remove security.current_user? from 6.2.'
  if block_given?
    @current_user = block
  else
    @current_user ||= DEFAULT_CURRENT_USER
  end
end
current_user?() click to toggle source

Check if {#current_user} configuration is set. @return [Boolean]

# File lib/wallaby/configuration/security.rb, line 71
def current_user?
  current_user != DEFAULT_CURRENT_USER
end