
added authorization, logging in and out, admin app etc etc - still th…

…e basics with the necessity of a cleanup once the dust settled
1 parent f051e48 commit baf43e1fe80f89693519391ad8a6a614ee21e52b @hukl committed Apr 2, 2010
Showing with 143 additions and 2 deletions.
  1. +35 −1 config.ru
  2. +7 −1 init.rb
  3. +27 −0 lib/account.rb
  4. +15 −0 lib/admin.rb
  5. +25 −0 lib/authorization.rb
  6. +22 −0 lib/user.rb
  7. +9 −0 views/account/login.erb
  8. +3 −0 views/layout.erb
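--- a/config.ru
+++ b/config.ru
@@ -1,3 +1,37 @@
 require 'init'
+use Rack::Session::Cookie
-run Mibo::App
+map "/" do
+ enable :sessions
+
+ use Warden::Manager do |manager|
+ manager.default_strategies :password
+ manager.failure_app = Account::App
+ end
+
+ run Mibo::App
+end
+
+map "/account" do
+
+ enable :sessions
+
+ use Warden::Manager do |manager|
+ manager.default_strategies :password
+ manager.failure_app = Account::App
+ end
+
+ run Account::App
+end
+
+map "/admin" do
+
+ enable :sessions
+
+ use Warden::Manager do |manager|
+ manager.default_strategies :password
+ manager.failure_app = Account::App
+ end
+
+ run Admin::App
+end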
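Review bot: `use Rack::Session::Cookie` on the first added line is mounted without a `:secret`, so the cookie that carries Warden's serialized user id is not signed and a client can alter it. Pass a secret that is loaded from outside the repository, e.g. `use Rack::Session::Cookie, :secret => ENV['SESSION_SECRET']` (the variable name is a placeholder). The three `map` blocks also repeat the same `Warden::Manager` setup; mounting it once above the maps, next to the session middleware, would keep the strategies and failure app from drifting apart.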
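--- a/init.rb
+++ b/init.rb
@@ -3,13 +3,19 @@
 require 'rubygems'
 require 'sinatra'
-require 'mongo_mapper'
 require 'warden'
+require 'mongo_mapper'
 require 'erb'
 require 'RedCloth'
 require 'less'
 require 'mibo'
+require 'authorization'
+require 'account'
+require 'user'
 require 'post'
+require 'admin'
+
+enable :sessions
 # Configure MongoMapper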
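--- a/lib/account.rb
+++ b/lib/account.rb
@@ -0,0 +1,27 @@
+module Account
+
+ class App < Sinatra::Base
+ get "/" do
+ env['warden'].user.name if env['warden'].user
+ end
+
+ get '/login/?' do
+ erb :'account/login'
+ end
+
+ post '/login/?' do
+ env['warden'].authenticate!
+ redirect "/"
+ end
+
+ get '/logout/?' do
+ env['warden'].logout
+ redirect '/'
+ end
+
+ post '/unauthenticated/?' do
+ status 410
+ "Could not login"
+ end
+ end
+end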
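Review bot: The `post '/unauthenticated/?'` handler answers a failed login with `status 410`, which means Gone; a failed authentication should return `status 401` so clients and log-based alerting can recognise it. `get '/logout/?'` changes session state on a GET, so any page the user visits can end their session through a link or image request; `post '/logout/?'` would avoid that. `get "/"` returns nil when nobody is logged in, which is probably not the intended response.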
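--- a/lib/admin.rb
+++ b/lib/admin.rb
@@ -0,0 +1,15 @@
+module Admin
+
+ class App < Sinatra::Base
+
+ before do
+ redirect '/account/login' unless env['warden'].user
+ end
+
+ get '/?' do
+ "hallo from the admin"
+ end
+
+ end
+
+end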
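Review bot: The `before` filter only checks that `env['warden'].user` is present, so every authenticated account reaches the admin app. Nothing here tests for an admin role, and the `User` class added in this commit carries only `id` and `name`. Until a role exists, record the gap in the filter itself, e.g. `# TODO: any logged-in user passes; restrict to admins before adding real admin actions`.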
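--- a/lib/authorization.rb
+++ b/lib/authorization.rb
@@ -0,0 +1,25 @@
+Warden::Manager.serialize_into_session{|user| user.id }
+Warden::Manager.serialize_from_session{|id| User.get(id) }
+
+Warden::Manager.before_failure do |env,opts|
+ # Sinatra is very sensitive to the request method
+ # since authentication could fail on any type of method, we need
+ # to set it for the failure app so it is routed to the correct block
+ env['REQUEST_METHOD'] = "POST"
+end
+
+Warden::Strategies.add(:password) do
+ def valid?
+ params["email"] || params["password"]
+ end
+
+ def authenticate!
+ u = User.authenticate(params["email"], params["password"])
+ u.nil? ? fail!("Could not log in") : success!(u)
+ end
+end
+
+use Warden::Manager do |manager|
+ manager.default_strategies :password
+ manager.failure_app = AuthenticationError
+end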
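Review bot: `valid?` returns `params["email"] || params["password"]`, so the strategy runs when only one of the two fields was submitted and `User.authenticate` is then called with a nil argument; it should read `params["email"] && params["password"]`. The trailing `use Warden::Manager` block names `AuthenticationError` as the failure app, a constant that no file in this commit defines, and it duplicates the managers configured in config.ru, so it looks like a leftover to delete. The `before_failure` comment could also say which route it targets: `post '/unauthenticated/?'` in `Account::App`.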
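--- a/lib/user.rb
+++ b/lib/user.rb
@@ -0,0 +1,22 @@
+class User
+
+ attr_accessor :id, :name
+
+ def self.authenticate email, password
+ if email == "foo@bar.com" && password == "password"
+ user = self.new
+ user.id = 1
+ user
+ else
+ nil
+ end
+ end
+
+ def self.get id
+ user = self.new
+ user.id = 1
+ user.name = "Bert"
+ user
+ end
+
+end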
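Review bot: `self.get` ignores its `id` argument and returns the user "Bert" for any value, so whatever Warden finds in the session deserializes to a logged-in user. Even as a stub it should reject unknown ids, e.g. `return nil unless id == 1` as its first line. `self.authenticate` compares against an email and password written into the source, and the object it returns has no `name`; the literal credentials need to be replaced by a stored, hashed password before this is deployed anywhere reachable.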
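--- a/views/account/login.erb
+++ b/views/account/login.erb
@@ -0,0 +1,9 @@
+<%= env.inspect %>
+
+<form action="/account/login" method="post">
+
+ <p><input type="text" name="email" value="" id="email" /></p>
+ <p><input type="text" name="password" value="" id="password" /></p>
+ <p><input type="submit" value="Login"></p>
+
+</form>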
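Review bot: `<%= env.inspect %>` on the first line renders the whole Rack environment into the login page, which exposes request headers, cookies and session data to whoever loads it and writes header values into the HTML unescaped; it should be removed before merge. The password field is declared `type="text"`, so the password is shown on screen and may be kept in browser form history; it should be `<input type="password" name="password" id="password" />`.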
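--- a/views/layout.erb
+++ b/views/layout.erb
@@ -7,6 +7,9 @@
 </head>
 <body>
+ <p>
+ User: <%= env['warden'].user.name if env['warden'].user %>
+ </p>
 <%= yield %>
 </body>
 </html>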
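Review bot: The added `<%= env['warden'].user.name if env['warden'].user %>` writes the user name into every page without HTML escaping, and Sinatra's ERB does not escape output by default. The name is a constant in this commit, but once it comes from stored user data this line becomes a stored XSS sink. Wrap the value, e.g. `<%= Rack::Utils.escape_html(env['warden'].user.name) if env['warden'].user %>`. The layout starts above this hunk, so the head section was not reviewed.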

0 comments on commit baf43e1
