rack-simple-auth 0.0.3 → 0.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/README.md +11 -1
- data/lib/rack-simple-auth.rb +2 -1
- metadata +9 -13
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: d874cade0432dac440fa687f06338d6d64fdefdd
|
|
4
|
+
data.tar.gz: a9163ebc334e9cfd4bc72ebc64c7fbaac6837af3
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: f000479c72bfd443e149bf3cf6cbce19da749b817fa1df7100c7759f69cc4e1f7545d92524b1bb4dbe63e2689767fa214ffbe5b0bf83b793c9566b1dbd69c899
|
|
7
|
+
data.tar.gz: 0569b5a41fc972196cedd991b34bff28bc4919b9623fa836f2b610fdc91412f414ae0f30e159e4d8212caa36e0cded65aa9ce3fdfc89a54e5b10e468665b1945
|
data/README.md
CHANGED
|
@@ -10,7 +10,8 @@ For rails, create an initializer file with something like:
|
|
|
10
10
|
key: 'your_cookie_key', # required
|
|
11
11
|
secret: 'my_long_secret', # required
|
|
12
12
|
login_url: 'http://url_where_user_will_be_redirected_to_authenticate.com', # required
|
|
13
|
-
authenticated_with: Proc.new { |value| true } # optional: must return a boolean
|
|
13
|
+
authenticated_with: Proc.new { |value| true }, # optional: must return a boolean
|
|
14
|
+
except: Proc.new { |request| request.path.match(/exclude_path/) } # optional
|
|
14
15
|
|
|
15
16
|
By default, the middleware doesn't actually check the value of the cookie, only that the correct key exists and hasn't been tampered with. You can add more complex rules by passing the `authenticated_with` option with a proc that takes the cookie value as its only argument.
|
|
16
17
|
|
|
@@ -19,6 +20,15 @@ For example:
|
|
|
19
20
|
# assuming you had a User model and the cookie value is a user_id
|
|
20
21
|
authenticated_with: Proc.new { |value| user = User.find(value) && user.admin? }
|
|
21
22
|
|
|
23
|
+
To bypass rack-simple-auth on certain conditions, you can pass in the except option a Proc to determine whether a page should be publicly viewable. The Proc will receive as an argument the request object.
|
|
24
|
+
|
|
25
|
+
For example:
|
|
26
|
+
|
|
27
|
+
# allow public viewing of a single page
|
|
28
|
+
except: Proc.new { |request| request.path == '/everyone' }
|
|
29
|
+
# allow public viewing of a particular domain
|
|
30
|
+
except: Proc.new { |request| request.host == 'public.example.com' }
|
|
31
|
+
|
|
22
32
|
### How it Works
|
|
23
33
|
|
|
24
34
|
The middleware relies on you creating a custom cookie with your own authentication code. Your authentication cookie code can decide which domain this cookie applies to, allowing you to create a universal access token for all apps on a particular subdomain.
|
data/lib/rack-simple-auth.rb
CHANGED
|
@@ -8,11 +8,12 @@ module Rack
|
|
|
8
8
|
@secret = options[:secret]
|
|
9
9
|
@login_url = options[:login_url]
|
|
10
10
|
@authenticated_with = options[:authenticated_with] || Proc.new { |value| true }
|
|
11
|
+
@except = options[:except] || Proc.new { false }
|
|
11
12
|
end
|
|
12
13
|
|
|
13
14
|
def call(env)
|
|
14
15
|
request = Request.new(env)
|
|
15
|
-
if authenticated?
|
|
16
|
+
if authenticated?(request.cookies) || @except.call(request)
|
|
16
17
|
@app.call(env)
|
|
17
18
|
else
|
|
18
19
|
[302, {'Content-Type' => 'text/plain', 'Location' => "#{@login_url}?return_to=#{request.url}"}, ['You must be logged in to see this.']]
|
metadata
CHANGED
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-simple-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
5
|
-
prerelease:
|
|
4
|
+
version: 0.0.4
|
|
6
5
|
platform: ruby
|
|
7
6
|
authors:
|
|
8
7
|
- Rob Law
|
|
@@ -14,17 +13,15 @@ dependencies:
|
|
|
14
13
|
- !ruby/object:Gem::Dependency
|
|
15
14
|
name: rack
|
|
16
15
|
requirement: !ruby/object:Gem::Requirement
|
|
17
|
-
none: false
|
|
18
16
|
requirements:
|
|
19
|
-
- -
|
|
17
|
+
- - ">="
|
|
20
18
|
- !ruby/object:Gem::Version
|
|
21
19
|
version: '0'
|
|
22
20
|
type: :runtime
|
|
23
21
|
prerelease: false
|
|
24
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
25
|
-
none: false
|
|
26
23
|
requirements:
|
|
27
|
-
- -
|
|
24
|
+
- - ">="
|
|
28
25
|
- !ruby/object:Gem::Version
|
|
29
26
|
version: '0'
|
|
30
27
|
description: A middleware the prevents access to a rack app without the proper cookie.
|
|
@@ -33,31 +30,30 @@ executables: []
|
|
|
33
30
|
extensions: []
|
|
34
31
|
extra_rdoc_files: []
|
|
35
32
|
files:
|
|
36
|
-
- lib/rack-simple-auth.rb
|
|
37
33
|
- README.md
|
|
34
|
+
- lib/rack-simple-auth.rb
|
|
38
35
|
homepage: http://robmadethis.com
|
|
39
36
|
licenses:
|
|
40
37
|
- MIT
|
|
38
|
+
metadata: {}
|
|
41
39
|
post_install_message:
|
|
42
40
|
rdoc_options: []
|
|
43
41
|
require_paths:
|
|
44
42
|
- lib
|
|
45
43
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
46
|
-
none: false
|
|
47
44
|
requirements:
|
|
48
|
-
- -
|
|
45
|
+
- - ">="
|
|
49
46
|
- !ruby/object:Gem::Version
|
|
50
47
|
version: 1.9.2
|
|
51
48
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
52
|
-
none: false
|
|
53
49
|
requirements:
|
|
54
|
-
- -
|
|
50
|
+
- - ">="
|
|
55
51
|
- !ruby/object:Gem::Version
|
|
56
52
|
version: '0'
|
|
57
53
|
requirements: []
|
|
58
54
|
rubyforge_project:
|
|
59
|
-
rubygems_version:
|
|
55
|
+
rubygems_version: 2.4.3
|
|
60
56
|
signing_key:
|
|
61
|
-
specification_version:
|
|
57
|
+
specification_version: 4
|
|
62
58
|
summary: A rack middleware for cookie authentication.
|
|
63
59
|
test_files: []
|