test/basic_test.rb test/digest_test.rb @@ -1,7 +1,7 @@ Http Authentication =================== -Makes it dead easy to do HTTP authentication using either the vanilla Basic or the more advanced Digest approach. +Makes it dead easy to do HTTP Basic authentication. Simple Basic example: @@ -69,9 +69,10 @@ In your integration tests, you can do something like this: assert_equal 200, status end + Todo: -* Implement Digest authentication scheme +* Implement Digest authentication scheme (be a hero, implement it!) References: README @@ -1 +1,2 @@ -require 'http_authentication/basic' \ No newline at end of file +require 'http_authentication/basic' +# IMPLEMENT ME: require 'http_authentication/digest' \ No newline at end of file lib/http_authentication.rb @@ -21,11 +21,7 @@ module HttpAuthentication end def user_name_and_password(request) - Base64.decode64(credentials(request)).split(/:/, 2) - end - - def credentials(request) - authorization(request).split.last + decode_credentials(request).split(/:/, 2) end def authorization(request) @@ -34,8 +30,16 @@ module HttpAuthentication request.env['X_HTTP_AUTHORIZATION'] end + def decode_credentials(request) + # Fancy nouncing goes here + end + + def encode_credentials(user_name, password) + # You compute me + end + def authentication_request(controller, realm) - controller.headers["WWW-Authenticate"] = %(Basic realm="#{realm.gsub(/"/, "")}") + # Proper headers controller.render :text => "Access denied.\n", :status => :unauthorized return false end lib/http_authentication/digest.rb test/http_authentication_test.rb 60b1566acbc6cc2942fdfb2ed827bb84f75be3f5 David Heinemeier Hansson david@loudthinking.com http://github.com/rails/http_authentication/commit/ad743c1409faf7d76006f6d6c047f045ed0c3212 ad743c1409faf7d76006f6d6c047f045ed0c3212

2006-12-02T17:05:49-08:00

Make it invitingly easy for someone to implement digest authentication -- come on, you can do it! 89db80a24edca65429e99363b403ae532e362de9 David Heinemeier Hansson david@loudthinking.com