sinatra-auth 0.0.9

data/.gitignore

@@ -0,0 +1,2 @@
+pkg
+*.gemspec

data/README.md

@@ -0,0 +1,19 @@
+Simple authentication for Sinatra
+
+Simplest case:
+    
+    auth :password => 'p4ssw3rd'
+
+Which is shorter than calling the rack middleware:
+    
+    use Rack::Auth::Basic do |_, password|
+      password == 'p4ssw3rd'
+    end
+
+Also supports scoping:
+    
+    auth '/admin',
+      :username => 'myles',
+      :password => 'p4ssw3rd'
+
+... and some other options. See examples.rb

data/Rakefile

@@ -0,0 +1,28 @@
+task :default => :examples
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |s|
+    s.name     = "sinatra-auth"
+    s.homepage = "http://github.com/quackingduck/sinatra-auth"
+    s.summary  = "Simple authentication for sinatra"
+    s.email    = "myles@myles.id.au"
+    s.authors  = ["Myles Byrne"]
+    
+    s.add_dependency 'sinatra', '>= 0.9.4'
+    s.add_development_dependency 'exemplor', '>= 2010.0.0'
+    s.add_development_dependency 'rack-test', '0.4.0'
+    s.add_development_dependency 'pow', '0.2.2'
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Install jeweler to build gem"
+end
+
+task(:examples) { ruby "examples.rb" }
+task :test => :examples
+
+task :tag_version do 
+  version = File.read('VERSION')
+  system "git tag -a v#{version} -m v#{version}"
+end

data/VERSION

@@ -0,0 +1 @@
+0.0.9

data/examples/examples.rb

@@ -0,0 +1,102 @@
+require 'exemplor'
+require 'pow'
+
+require 'rack/test'
+require 'sinatra/base'
+require Pow!('../lib/sinatra/auth')
+
+eg "Username and password" do
+  app do
+    auth :username => 'myles',
+         :password => 'p4ssw3rd'
+  
+    get('/') { 'sekrets' }
+  end
+  
+  check_auth
+end
+
+eg "Username, password and realm name" do
+  app do
+    auth :username => 'myles', 
+         :password => 'p4ssw3rd', 
+         :realm => 'Admin'
+    
+    get('/') { 'sekrets' }
+  end
+  
+  check_auth :realm => 'Admin'
+end
+
+eg "Non-root scope" do
+  app do
+    auth '/admin',
+         :password => 'p4ssw3rd'
+    
+    get('/') { 'not secret' }
+    get('/admin') { 'sekrets' }
+    get('/admin/foo') { 'sekrets' }
+  end
+  
+  Check(get('/').body).is('not secret')
+  check_auth '/admin'
+  check_auth '/admin/foo'
+end
+
+eg "Just password (any user name valid)" do
+  app do
+    auth :password => 'p4ssw3rd'
+    
+    get('/') { 'sekrets' }
+  end
+  
+  check_auth
+end
+
+eg "Block for authentication" do
+  app do
+    auth do |username,password|
+      username == 'myles' && password == 'p4ssw3rd'
+    end
+    
+    get('/') { 'sekrets' }
+  end
+  
+  check_auth
+end
+
+# --
+
+eg.helpers do
+  
+  include Rack::Test::Methods
+  
+  def check_auth(path_or_options = '/', options = {})
+    options = case path_or_options
+    when Hash: {:path => '/'}.merge(path_or_options)
+    when String: options.merge(:path => path_or_options)
+    end
+    
+    allowed = get options[:path], {}, basic_auth
+    Check(allowed.status).is(200)
+    denied  = get options[:path]
+    Check(denied.status).is(401)
+    Check(denied['WWW-Authenticate']).is(%{Basic realm="#{options[:realm] || 'Protected Area'}"})
+  end
+  
+  def basic_auth(user="myles", password="p4ssw3rd")
+    credentials = ["#{user}:#{password}"].pack("m*")
+
+    { "HTTP_AUTHORIZATION" => "Basic #{credentials}" }
+  end
+  
+  def app(&blk)
+    if blk
+      @app = Class.new Sinatra::Application # Sinatra::Base doesn't work
+      @app.set :environment, :test
+      @app.class_eval &blk
+    end
+    @app
+  end
+  
+end

data/lib/sinatra/auth.rb

@@ -0,0 +1,105 @@
+module Sinatra
+  
+  module AuthDSL
+
+    # Only call this. Everything else is implementation. See examples.rb for usuage examples
+    def auth(*args, &blk)
+      auths << Auth.new(*args,&blk)
+      setup_authorization_filter if auths.size == 1
+    end
+
+    def setup_authorization_filter
+      before do
+        authenticator = self.class.auths.reverse.find { |auth| auth.protecting?(request.path_info) }
+        authenticate_with authenticator if authenticator
+      end
+    end
+
+    def auths
+      @auths ||= []
+    end
+    
+    def self.registered(app)
+      app.helpers AuthHelpers
+    end
+
+  end
+  
+  module AuthHelpers
+
+    def authenticate_with(authenticator)
+      auth = Rack::Auth::Basic::Request.new(request.env)
+      unauthorized!(authenticator.realm) unless auth.provided?
+      bad_request! unless auth.basic?
+      unauthorized!(authenticator.realm) unless authenticator.authorized?(*auth.credentials)
+    end
+
+    def unauthorized!(realm)
+      response["WWW-Authenticate"] = %(Basic realm="#{realm}")
+      throw :halt, [ 401, 'Authorization Required' ]
+    end
+
+    def bad_request!
+      throw :halt, [ 400, 'Bad Request' ]
+    end
+  end
+  
+  
+  class Auth
+    
+    def self.new(*args, &blk)
+      super(parse_args(args, &blk))
+    end
+    
+    def self.parse_args(args,&blk)
+      conf = {}
+      conf[:auth_proc] = blk
+      case args.size
+      when 1
+        conf.merge!(args.first)
+      when 2
+        conf[:scope] = args.first
+        conf.merge!(args.last)
+      end
+      conf
+    end
+    
+    attr_reader :conf
+    
+    def initialize(conf)
+      @conf = conf
+    end
+    
+    def authorized?(usename,password)
+      conf[:auth_proc] ||= proc { |u,p| self.valid_user?(u) && self.password == p }
+      return conf[:auth_proc].call(usename,password)
+    end
+    
+    def protecting?(path)
+      scope_pattern =~ path
+    end
+    
+    def valid_user?(username)
+      return true if conf[:username].nil?
+      conf[:username] == username
+    end
+    
+    def password
+      conf[:password]
+    end
+    
+    def realm
+      conf[:realm] ||= "Protected Area"
+    end
+    
+    def scope_pattern
+      @scope_pattern ||= case conf[:scope]
+        when nil:    //
+        when String: /^#{conf[:scope]}/
+        else;        conf[:scope]
+        end
+    end
+  end
+  
+  register AuthDSL
+end

metadata

@@ -0,0 +1,99 @@
+--- !ruby/object:Gem::Specification 
+name: sinatra-auth
+version: !ruby/object:Gem::Version 
+  version: 0.0.9
+platform: ruby
+authors: 
+- Myles Byrne
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-12-14 00:00:00 +11:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: sinatra
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.9.4
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: exemplor
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 2010.0.0
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: rack-test
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        version: 0.4.0
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: pow
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        version: 0.2.2
+    version: 
+description: 
+email: myles@myles.id.au
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.md
+files: 
+- .gitignore
+- README.md
+- Rakefile
+- VERSION
+- examples/examples.rb
+- lib/sinatra/auth.rb
+has_rdoc: true
+homepage: http://github.com/quackingduck/sinatra-auth
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: Simple authentication for sinatra
+test_files: 
+- examples/examples.rb