WardenPlugin

achiu edited this page Sep 13, 2010 · 6 revisions

Introduction

This component provides out-of-the-box support for Warden authentication. With this plugin registered, warden will be automatically required, configured and helpers will be provided to make interacting with warden dead simple.

Setup

 # app.rb
require 'sinatra/base'
require 'sinatra_more'

class Application < Sinatra::Base
  # ...
  register SinatraMore::WardenPlugin
 # ...
end

Usage

There are a few configuration options and details you need to be aware of. By default, the WardenPlugin assumes you have a User class which represents the authenticating class type. If your user class has a different name then you need to specify that as follows:

 SinatraMore::WardenPlugin::PasswordStrategy.user_class = CustomUser

In addition, the strategy used expects that you have an authenticate method with the specific signature below:

# app/models/custom_user.rb
class CustomUser
  # ...
  # Returns user record if user and password match; otherwise return false
  def authenticate(username, password)
    user = User.find(username)
    user.has_password?(password) ? user : false
  end
  # ...
end

Using this plugin you also do need to define your own routes for managing warden sessions. An example is below:

# app/routes/warden.rb
post '/unauthenticated/?' do
  flash[:notice] = "That username and password are not correct!"
  status 401
  haml_template 'session/login'
end

get '/login/?' do
  haml_template 'session/login'
end

post '/login/?' do
  authenticate_user!
  redirect "/dashboard"
end

get '/logout/?' do
  logout_user!
  redirect '/session/login'
end
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.