Scopes

Brooks Swinnerton edited this page Sep 16, 2015 · 11 revisions

Warden allows for multiple users to be logged in at the same time. This should be used very cautiously.

Typical uses include sudo access, a publisher checking how things will look when viewed as another user, or a secured authentication step for checkout. You could also use scopes to authenticate a user’s access to a particular account.

By default the scope is :default. The :default scope is used whenever no scope is stated.

Using Scopes

A scope is identified by an object. (I would usually use a symbol.)

Authenticating

# Check the :sudo scope
env['warden'].authenticated?(:sudo)

# Authenticate the :sudo scope with the :pgp strategy
env['warden'].authenticate(:pgp, :scope => :sudo)

# The same options are available for #authenticate and #authenticate!

Scoped User Access

env['warden'].user(:sudo)

Logout

env['warden'].logout  # Clear the session.  Logs everyone out
env['warden'].logout(:default) # logout the :default user
env['warden'].logout(:admin)  # logout the :admin user

Keeping Each User’s Data Separate

You can keep each user’s data separate by using the Authenticated Session Data feature.
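
The following is an added example, not code from the Warden project, showing one cautious way to use a :sudo scope: it stamps the elevation time in that scope's session data and drops only :sudo once the elevation is stale. SUDO_TTL, mark_sudo, sudo_active? and the FakeWarden stand-in are hypothetical names; only authenticated?, session, set_user, user and logout mirror methods of the Warden proxy.

```ruby
# Added example: a time-boxed :sudo scope. SUDO_TTL, mark_sudo and
# sudo_active? are hypothetical helpers, not part of Warden.
SUDO_TTL = 15 * 60 # seconds an elevation stays valid (assumed policy)

# Call right after env['warden'].authenticate(:pgp, :scope => :sudo) succeeds.
def mark_sudo(warden, now = Time.now)
  warden.session(:sudo)[:elevated_at] = now.to_i
end

# True only while the :sudo scope itself is authenticated and fresh.
# The :default scope is never consulted; on expiry only :sudo is logged out.
def sudo_active?(warden, now = Time.now)
  return false unless warden.authenticated?(:sudo)
  started = warden.session(:sudo)[:elevated_at]
  return true if started && now.to_i - started <= SUDO_TTL
  warden.logout(:sudo) # fail closed: stale or unstamped elevation
  false
end

# Constructed stand-in for env['warden'] so the example runs without Rack.
# It mimics only the calls used above, keeping state per scope.
class FakeWarden
  def initialize; @users = {}; @data = {}; end
  def set_user(user, opts = {}); @users[opts.fetch(:scope, :default)] = user; end
  def authenticated?(scope = :default); @users.key?(scope); end
  def user(scope = :default); @users[scope]; end
  def session(scope = :default)
    raise "#{scope} user is not logged in" unless authenticated?(scope)
    @data[scope] ||= {}
  end
  def logout(*scopes)
    scopes = @users.keys if scopes.empty?
    scopes.each { |s| @users.delete(s); @data.delete(s) }
  end
end
```

In an application, pass env['warden'] instead of the stand-in and call sudo_active? before every sensitive action rather than checking the :default scope.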