Skip to content
Permalink
This does a better job of testing the autoloads work, and ensures
files are loaded from the current rack directory.

Some files required rack.rb, and in those cases I didn't remove
the require, just replaced it with require_relative, since the
intent is to make sure all of rack is loaded if a file under
rack is loaded.

This has the potential to break code that does:

  require 'rack/content_type'
  Rack::ContentType.new(app)

If the rack library itself is never required.  This is because
the autoloads that rack.rb sets up would not be loaded. I'm not
sure if we want to support that, but if so we would want to keep
the requires and convert them to require_relative.

For core_ext/regexp, move the requires into the if < 2.4 block,
so that the file isn't loaded unless it is necessary.
5 contributors

Users who have contributed to this file

@leahneukirchen @raggi @jeremyevans @oniofchaos @styd
61 lines (44 sloc) 1.23 KB
# frozen_string_literal: true
require_relative 'abstract/handler'
require_relative 'abstract/request'
require 'base64'
module Rack
module Auth
# Rack::Auth::Basic implements HTTP Basic Authentication, as per RFC 2617.
#
# Initialize with the Rack application that you want protecting,
# and a block that checks if a username and password pair are valid.
#
# See also: <tt>example/protectedlobster.rb</tt>
class Basic < AbstractHandler
def call(env)
auth = Basic::Request.new(env)
return unauthorized unless auth.provided?
return bad_request unless auth.basic?
if valid?(auth)
env['REMOTE_USER'] = auth.username
return @app.call(env)
end
unauthorized
end
private
def challenge
'Basic realm="%s"' % realm
end
def valid?(auth)
@authenticator.call(*auth.credentials)
end
class Request < Auth::AbstractRequest
def basic?
"basic" == scheme && credentials.length == 2
end
def credentials
@credentials ||= Base64.decode64(params).split(':', 2)
end
def username
credentials.first
end
end
end
end
end
You can’t perform that action at this time.