WardenPlugin

achiu edited this page Sep 13, 2010 · 6 revisions

Introduction

This component provides out-of-the-box support for Warden authentication. With this plugin registered, Warden is automatically required and configured, and helpers are provided to make interacting with Warden dead simple.

Setup

# app.rb
require 'sinatra/base'
require 'sinatra_more'

class Application < Sinatra::Base
  # ...
  register SinatraMore::WardenPlugin
  # ...
end

Usage

There are a few configuration options and details you need to be aware of. By default, the WardenPlugin assumes you have a User class which represents the authenticating class type. If your user class has a different name then you need to specify that as follows:

 SinatraMore::WardenPlugin::PasswordStrategy.user_class = CustomUser

In addition, the strategy used expects that you have an authenticate method with the specific signature below:

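# app/models/custom_user.rb
class CustomUser
  # ...
  # Defined on the class, because user_class is set to the class itself.
  # Returns user record if user and password match; otherwise return false
  def self.authenticate(username, password)
    user = find(username)
    # Guard against an unknown username before checking the password
    user && user.has_password?(password) ? user : false
  end
  # ...
end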
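One way to satisfy the `authenticate` contract above, as an added example rather than code from sinatra_more or this wiki. It goes beyond the page by also implementing `has_password?`; the in-memory `USERS` store, the PBKDF2 parameters and the `create`, `digest` and `secure_compare` helpers are assumptions for illustration.

```ruby
require 'openssl'
require 'securerandom'

# Added example; USERS, ITERATIONS and the helper names are assumptions.
class CustomUser
  ITERATIONS = 100_000 # assumed PBKDF2 work factor
  USERS = {}           # constructed in-memory store standing in for a database
  attr_reader :username

  def self.digest(password, salt)
    OpenSSL::PKCS5.pbkdf2_hmac(password, salt, ITERATIONS, 32, OpenSSL::Digest.new('SHA256'))
  end

  def self.create(username, password)
    USERS[username] = new(username, password)
  end

  def self.find(username)
    USERS[username]
  end

  # Constant-time comparison of two digests, so a mismatch position is not leaked.
  def self.secure_compare(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end

  # Contract from the page: the user record on a match, otherwise false.
  def self.authenticate(username, password)
    user = find(username.to_s)
    if user.nil?
      DUMMY.has_password?(password.to_s) # spend the same hashing cost for unknown users
      return false
    end
    user.has_password?(password.to_s) ? user : false
  end

  def initialize(username, password)
    @username = username
    @salt = SecureRandom.random_bytes(16)
    @password_hash = self.class.digest(password, @salt)
  end

  def has_password?(candidate)
    self.class.secure_compare(self.class.digest(candidate, @salt), @password_hash)
  end

  DUMMY = new('', SecureRandom.hex(16)) # never stored in USERS
end
```

Unknown usernames and wrong passwords both return `false` after one PBKDF2 computation, so response time does not reveal which usernames exist.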

When using this plugin, you also need to define your own routes for managing Warden sessions. An example is below:

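# app/routes/warden.rb

# Rendered when authentication fails
post '/unauthenticated/?' do
  flash[:notice] = "That username and password are not correct!"
  status 401
  haml_template 'session/login'
end

# Show the login form
get '/login/?' do
  haml_template 'session/login'
end

# Authenticate the submitted credentials, then continue to the dashboard
post '/login/?' do
  authenticate_user!
  redirect "/dashboard"
end

# Note: a GET logout can be triggered by any cross-site link or image tag;
# use POST with a CSRF token if forced logouts matter for your app.
get '/logout/?' do
  logout_user!
  # Send the user back to the login route defined above
  redirect '/login'
end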