Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Drop-in google auth for Sinatra apps

tree: 599c69f435

Fetching latest commit…

Cannot retrieve the latest commit at this time

README.md

Sinatra::GoogleAuth

Drop-in authentication for Sinatra with Google's OpenID endpoint.

Installation

Add this line to your application's Gemfile:

gem 'sinatra-google-auth'

And then execute:

$ bundle

Or install it yourself as:

$ gem install sinatra-google-auth

Usage

The gem exposes a single authenticate helper that protects the endpoint with Google OpenID authentication.

Classic-Style Apps

require 'sinatra'
require 'sinatra/google-auth'

get '*' do
  authenticate
  'hello'
end

Modular Apps

require 'sinatra/base'
require 'sinatra/google-auth'

class App < Sinatra::Base
  register Sinatra::GoogleAuth

  get '*' do
    authenticate
    'hello'
  end
end

Doing something with the User

Define an on_user method in your app to do something with the user info after authentication.

class App < Sinatra::Base
  register Sinatra::GoogleAuth

  def on_user(info)
    puts info.inspect
  end

  get '*' do
    authenticate
    'hello'
  end
end

Configuration

Google Endpoint

Configure your Google OpenID endpoint via setting the ENV var GOOGLE_AUTH_URL

$ export GOOGLE_AUTH_URL=http://myurl.com/openid

or before requiring

ENV['GOOGLE_AUTH_URL'] = 'http://myurl.com/openid'

require 'sinatra'
require 'sinatra/google-auth'

Session Secret

Configure your session secret by setting SESSION_SECRET or SECURE_KEY ENV vars.

$ export SESSION_SECRET='super secure secret'

The 'SecureKey' add-on sets the SECURE_KEY variable for you and automatically rotates it.

$ heroku addons:add securekey

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Added some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request
Something went wrong with that request. Please try again.