Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

add auth_realm config option

  • Loading branch information...
commit 216f047c43fe65262cf3b8eb73270c157974078c 1 parent 2ca7fe9
Martin Rehfeld martinrehfeld authored
4 README.md
Source Rendered
@@ -19,7 +19,9 @@ Use it like this:
19 19 end
20 20 end,
21 21
22   - BasicauthConfig = [{auth_fun, AuthFun}],
  22 + BasicauthConfig = [{auth_fun, AuthFun},
  23 + {auth_realm, <<"Admin Area">>} % optional
  24 + ],
23 25
24 26 Config = [
25 27 {mods, [
8 src/elli_basicauth.erl
@@ -14,8 +14,7 @@ handle(Req, Config) ->
14 14 case apply(auth_fun(Config), [Req, User, Password]) of
15 15 unauthorized ->
16 16 throw({401,
17   - [{<<"WWW-Authenticate">>,
18   - <<"Basic realm=\"Secure Area\"">>}],
  17 + [{<<"WWW-Authenticate">>, auth_realm(Config)}],
19 18 <<"Unauthorized">>});
20 19
21 20 forbidden ->
@@ -42,6 +41,11 @@ auth_fun(Config) ->
42 41 end).
43 42
44 43
  44 +auth_realm(Config) ->
  45 + Realm = proplists:get_value(auth_realm, Config, <<"Secure Area">>),
  46 + iolist_to_binary([<<"Basic realm=\"">>, Realm, <<"\"">>]).
  47 +
  48 +
45 49 credentials(Req) ->
46 50 case authorization_header(Req) of
47 51 undefined ->
26 test/elli_basicauth_tests.erl
@@ -28,6 +28,25 @@ no_credentials_test() ->
28 28 meck:unload(elli_request).
29 29
30 30
  31 +no_credentials_with_custom_realm_test() ->
  32 + meck:new(elli_request),
  33 + meck:expect(elli_request, get_header,
  34 + fun (<<"Authorization">>, mock_request) ->
  35 + undefined
  36 + end),
  37 +
  38 + Result =
  39 + (catch elli_basicauth:handle(mock_request,
  40 + basicauth_config_with_custom_realm())),
  41 +
  42 + ?assertEqual({401,
  43 + [{<<"WWW-Authenticate">>,
  44 + <<"Basic realm=\"Members only\"">>}],
  45 + <<"Unauthorized">>}, Result),
  46 + ?assert(meck:validate(elli_request)),
  47 + meck:unload(elli_request).
  48 +
  49 +
31 50 valid_credentials_test() ->
32 51 meck:new(elli_request),
33 52 meck:expect(elli_request, get_header,
@@ -76,7 +95,7 @@ elli_handler_behaviour_test() ->
76 95 mock_dummy, mock_config)),
77 96
78 97 ?assertEqual(ok, elli_basicauth:handle_event(request_parse_error,
79   - [mock_data], mock_config)),
  98 + [mock_data], mock_args)),
80 99
81 100 ?assertEqual(ok, elli_basicauth:handle_event(client_closed,
82 101 [mock_when], mock_config)),
@@ -96,6 +115,11 @@ basicauth_config() ->
96 115 [{auth_fun, fun auth_fun/3}].
97 116
98 117
  118 +basicauth_config_with_custom_realm() ->
  119 + [{auth_fun, fun auth_fun/3},
  120 + {auth_realm, <<"Members only">>}].
  121 +
  122 +
99 123 auth_fun(_Req, undefined, undefined) -> unauthorized;
100 124 auth_fun(_Req, ?USER, ?PASSWORD) -> ok;
101 125 auth_fun(_Req, _User, _Password) -> forbidden.

0 comments on commit 216f047

Please sign in to comment.
Something went wrong with that request. Please try again.