module Webmachine::Resource::Authentication
Helper methods that can be included in your {Webmachine::Resource} to assist in performing HTTP Authentication
.
Constants
- BASIC_HEADER
Pattern for matching Authorization headers that use the Basic auth scheme.
Public Instance Methods
A simple implementation of HTTP Basic auth. Call this from the {Webmachine::Resource::Callbacks#is_authorized?} callback, giving it a block which will be yielded the username and password and return true or false. @param [String] header the value of the Authentication
request
header, passed to the {Callbacks#is_authorized?} callback.
@param [String] realm the “realm”, or description of the
resource that requires authentication
@return [true, String] true if the client is authorized, or
the appropriate WWW-Authenticate header
@yield [user, password] a block that will verify the client-provided user/password
against application constraints
@yieldparam [String] user the passed username @yieldparam [String] password the passed password @yieldreturn [true,false] whether the username/password is correct
# File lib/webmachine/resource/authentication.rb, line 26 def basic_auth(header, realm = 'Webmachine') if header =~ BASIC_HEADER && yield(*$1.unpack1('m*').split(/:/, 2)) true else %(Basic realm="#{realm}") end end