Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

added docs for require_login, also added require_login class method

  • Loading branch information...
commit cdf7493690cf62f3964c03314f5b90d2bdce8f63 1 parent 59fa4b9
@cyx cyx authored
Showing with 56 additions and 0 deletions.
  1. +27 −0 lib/sinatra/security.rb
  2. +29 −0 test/test_sinatra-security.rb
View
27 lib/sinatra/security.rb
@@ -11,6 +11,7 @@ module Security
def self.registered(app)
app.helpers Helpers
+
app.set :login_error_message, "Wrong Email and/or Password combination."
app.set :login_url, "/login"
app.set :login_user_class, :User
@@ -25,6 +26,32 @@ def self.registered(app)
end
end
end
+
+ # Allows you to declaratively declare secured locations based on their
+ # path prefix.
+ #
+ # @example
+ #
+ # require_login '/admin'
+ #
+ # get '/admin/posts' do
+ # # Posts here
+ # end
+ #
+ # get '/admin/users' do
+ # # Users here
+ # end
+ #
+ # @param [#to_s] path_prefix a string to match again the start of
+ # request.fullpath
+ # @return [nil]
+ def require_login(path_prefix)
+ before do
+ if request.fullpath =~ /^#{path_prefix}/
+ require_login
+ end
+ end
+ end
end
register Security
View
29 test/test_sinatra-security.rb
@@ -5,6 +5,8 @@ class BasicApp < Sinatra::Base
register Sinatra::Security
+ require_login '/mass'
+
get '/login' do
"<h1>Login Page</h1>"
end
@@ -16,6 +18,14 @@ class BasicApp < Sinatra::Base
get '/private' do
require_login
end
+
+ get '/mass/private1' do
+ "Private 1"
+ end
+
+ get '/mass/private2' do
+ "Private 2"
+ end
get '/css/main.css' do
require_login
@@ -136,4 +146,23 @@ def app
assert_equal '/login', last_response.headers['Location']
end
end
+
+ describe "going to /mass/private1" do
+ should "redirect to /login" do
+ get '/mass/private1'
+
+ assert_equal 302, last_response.status
+ assert_equal '/login', last_response.headers['Location']
+ end
+ end
+
+ describe "going to /mass/private2" do
+ should "redirect to /login" do
+ get '/mass/private2'
+
+ assert_equal 302, last_response.status
+ assert_equal '/login', last_response.headers['Location']
+ end
+ end
+
end

0 comments on commit cdf7493

Please sign in to comment.
Something went wrong with that request. Please try again.