sinatra-basic-auth 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,58 @@
1
+ = Sinatra Basic Authorization
2
+
3
+ == Installation
4
+
5
+ sudo gem install sinatra-basic-auth
6
+
7
+ == Usage
8
+
9
+ require "sinatra"
10
+ require "sinatra/basic_auth"
11
+
12
+ # Specify your authorization logic
13
+ authorize do |username, password|
14
+ username == "john" && password == "doe"
15
+ end
16
+
17
+ # Set protected routes
18
+ protect do
19
+ get "/admin" do
20
+ "Restricted page that only admin can access"
21
+ end
22
+ end
23
+
24
+ You can specify different authorization logic for different realms.
25
+
26
+ authorize "Public" do |username, password|
27
+ username == "myapp" && password == "beta"
28
+ end
29
+
30
+ authorize "Admin" do |username, password|
31
+ username == "admin" && password == "a complex password"
32
+ end
33
+
34
+ protect "Public" do
35
+ get "/" do
36
+ "Home page"
37
+ end
38
+ end
39
+
40
+ protect "Admin" do
41
+ get "/admin" do
42
+ "Welcome, Mr. Administrator"
43
+ end
44
+ end
45
+
46
+ = License
47
+
48
+ (The MIT License)
49
+
50
+ Copyright © 2010:
51
+
52
+ * Nando Vieira (http://nandovieira.com.br)
53
+
54
+ Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the ‘Software’), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
55
+
56
+ The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
57
+
58
+ THE SOFTWARE IS PROVIDED ‘AS IS’, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,66 @@
1
+ require "sinatra/base"
2
+
3
+ module Sinatra
4
+ module BasicAuth
5
+ REALM_ENV = "REALM:%s"
6
+
7
+ class << self
8
+ attr_accessor :validators
9
+ end
10
+
11
+ self.validators = {}
12
+
13
+ module Helpers
14
+ def auth
15
+ @auth ||= Rack::Auth::Basic::Request.new(request.env)
16
+ end
17
+
18
+ def authorized?
19
+ request.env[REALM_ENV % realm] != nil
20
+ end
21
+
22
+ def realm
23
+ @realm
24
+ end
25
+
26
+ private
27
+ def valid_credentials?
28
+ validator = Sinatra::BasicAuth.validators[realm]
29
+ validator && validator.call(*auth.credentials)
30
+ end
31
+ end
32
+
33
+ def authorize(realm = "Restricted", &block)
34
+ Sinatra::BasicAuth.validators[realm] = block
35
+ end
36
+
37
+ def protect(_realm = "Restricted", &block)
38
+ condition do
39
+ @realm = _realm
40
+
41
+ catch(:request_authorization) {
42
+ unless authorized?
43
+ if auth.provided? && auth.basic? && valid_credentials?
44
+ request.env[REALM_ENV % realm] = auth.credentials.first
45
+ else
46
+ headers "WWW-Authenticate" => %[Basic realm="#{realm}"]
47
+ throw :halt, [ 401, "Authorization Required" ]
48
+ end
49
+
50
+ throw :request_authorization unless authorized?
51
+ end
52
+ }
53
+
54
+ authorized?
55
+ end
56
+
57
+ yield
58
+ end
59
+
60
+ def self.registered(app)
61
+ app.helpers Sinatra::BasicAuth::Helpers
62
+ end
63
+ end
64
+
65
+ register BasicAuth
66
+ end
@@ -0,0 +1,10 @@
1
+ module Sinatra
2
+ module BasicAuth
3
+ module Version
4
+ MAJOR = 0
5
+ MINOR = 1
6
+ PATCH = 0
7
+ STRING = "#{MAJOR}.#{MINOR}.#{PATCH}"
8
+ end
9
+ end
10
+ end
@@ -0,0 +1,36 @@
1
+ require "test_helper"
2
+
3
+ class SampleAppTest < Test::Unit::TestCase
4
+ def test_without_authentication
5
+ get "/"
6
+ assert_equal 401, last_response.status
7
+ end
8
+
9
+ def test_with_bad_credentials
10
+ get "/", {}, {"HTTP_AUTHORIZATION" => credentials("invalid", "credentials")}
11
+ assert_equal 401, last_response.status
12
+ end
13
+
14
+ def test_with_valid_credentials
15
+ get "/", {}, {"HTTP_AUTHORIZATION" => credentials("john", "test")}
16
+ assert_equal 200, last_response.status
17
+ assert_equal "restricted content", last_response.body
18
+ end
19
+
20
+ def test_require_valid_credentials_for_different_realms
21
+ get "/", {}, {"HTTP_AUTHORIZATION" => credentials("john", "test")}
22
+ get "/myapp"
23
+ assert_equal 401, last_response.status
24
+ end
25
+
26
+ def test_with_valid_credentials_for_different_realm
27
+ get "/myapp", {}, {"HTTP_AUTHORIZATION" => credentials("mary", "test")}
28
+ assert_equal 200, last_response.status
29
+ assert_equal "restricted content for MyApp", last_response.body
30
+ end
31
+
32
+ private
33
+ def credentials(username, password)
34
+ "Basic " + Base64.encode64("#{username}:#{password}")
35
+ end
36
+ end
@@ -0,0 +1,34 @@
1
+ require "test/unit"
2
+ require "rack/test"
3
+ require "sinatra/basic_auth"
4
+ require "base64"
5
+
6
+ class Test::Unit::TestCase
7
+ include Rack::Test::Methods
8
+
9
+ def app
10
+ SampleApp
11
+ end
12
+ end
13
+
14
+ class SampleApp < Sinatra::Base
15
+ register Sinatra::BasicAuth
16
+
17
+ # Default realm
18
+ authorize do |username, password|
19
+ username == "john" && password == "test"
20
+ end
21
+
22
+ protect do
23
+ get("/") {"restricted content"}
24
+ end
25
+
26
+ # Custom realm
27
+ authorize "MyApp" do |username, password|
28
+ username == "mary" && password == "test"
29
+ end
30
+
31
+ protect "MyApp" do
32
+ get("/myapp") {"restricted content for MyApp"}
33
+ end
34
+ end
metadata ADDED
@@ -0,0 +1,81 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: sinatra-basic-auth
3
+ version: !ruby/object:Gem::Version
4
+ prerelease: false
5
+ segments:
6
+ - 0
7
+ - 1
8
+ - 0
9
+ version: 0.1.0
10
+ platform: ruby
11
+ authors:
12
+ - Nando Vieira
13
+ autorequire:
14
+ bindir: bin
15
+ cert_chain: []
16
+
17
+ date: 2010-09-15 00:00:00 -03:00
18
+ default_executable:
19
+ dependencies:
20
+ - !ruby/object:Gem::Dependency
21
+ name: sinatra
22
+ prerelease: false
23
+ requirement: &id001 !ruby/object:Gem::Requirement
24
+ none: false
25
+ requirements:
26
+ - - ">="
27
+ - !ruby/object:Gem::Version
28
+ segments:
29
+ - 0
30
+ version: "0"
31
+ type: :runtime
32
+ version_requirements: *id001
33
+ description: Authentication with BasicAuth.
34
+ email: fnando.vieira@gmail.com
35
+ executables: []
36
+
37
+ extensions: []
38
+
39
+ extra_rdoc_files:
40
+ - README.rdoc
41
+ files:
42
+ - README.rdoc
43
+ - lib/sinatra/basic_auth.rb
44
+ - lib/sinatra/basic_auth/version.rb
45
+ - test/basic_auth_test.rb
46
+ - test/test_helper.rb
47
+ has_rdoc: true
48
+ homepage: http://github.com/fnando/sinatra-basic-auth
49
+ licenses: []
50
+
51
+ post_install_message:
52
+ rdoc_options:
53
+ - --charset=UTF-8
54
+ require_paths:
55
+ - lib
56
+ required_ruby_version: !ruby/object:Gem::Requirement
57
+ none: false
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ segments:
62
+ - 0
63
+ version: "0"
64
+ required_rubygems_version: !ruby/object:Gem::Requirement
65
+ none: false
66
+ requirements:
67
+ - - ">="
68
+ - !ruby/object:Gem::Version
69
+ segments:
70
+ - 0
71
+ version: "0"
72
+ requirements: []
73
+
74
+ rubyforge_project:
75
+ rubygems_version: 1.3.7
76
+ signing_key:
77
+ specification_version: 3
78
+ summary: Authentication with BasicAuth that can require different credentials for different realms.
79
+ test_files:
80
+ - test/basic_auth_test.rb
81
+ - test/test_helper.rb