chneukirchen / rack-mirror
watch download tarball
public
Forks1Right
Watchers6Right
Description: OUTDATED mirror of Rack's darcs repository, use github.com/chneukirchen/rack
Homepage: http://rack.rubyforge.org/
Clone URL: git://github.com/chneukirchen/rack-mirror.git
rack-mirror / lib / rack / auth / basic.rb
100644 59 lines (42 sloc) 1.188 kb
raw blame history 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

require 'rack/auth/abstract/handler'
require 'rack/auth/abstract/request'
 
module Rack
  module Auth
    # Rack::Auth::Basic implements HTTP Basic Authentication, as per RFC 2617.
    #
    # Initialize with the Rack application that you want protecting,
    # and a block that checks if a username and password pair are valid.
    #
    # See also: <tt>example/protectedlobster.rb</tt>
 
    class Basic < AbstractHandler
 
      def call(env)
        auth = Basic::Request.new(env)
 
        return unauthorized unless auth.provided?
 
        return bad_request unless auth.basic?
 
        if valid?(auth)
          env['REMOTE_USER'] = auth.username
 
          return @app.call(env)
        end
 
        unauthorized
      end
 
 
      private
 
      def challenge
        'Basic realm="%s"' % realm
      end
 
      def valid?(auth)
        @authenticator.call(*auth.credentials)
      end
 
      class Request < Auth::AbstractRequest
        def basic?
          :basic == scheme
        end
 
        def credentials
          @credentials ||= params.unpack("m*").first.split(/:/, 2)
        end
 
        def username
          credentials.first
        end
      end
 
    end
  end
end