
Sinatra SimpleAuth Extension

Extends Sinatra with extension methods and routes for dealing with a simple authorization method. Both Sinatra application styles are supported: "Classic" and "Classy" (modular) style.

Installation

Since this is a fork of the original gem sources it is not released as a gem. You can build the gem yourself:

gem build sinatra-simple-auth.gemspec
gem install sinatra-simple-auth-0.1.1.gem

or you can install it from a local path, or directly from GitHub through Bundler, by adding one of these two lines to your Gemfile:

gem 'sinatra-simple-auth', :path => '/path/to/sources'
or
gem 'sinatra-simple-auth', :git => 'git://github.com/uilgenstein/sinatra-simple-auth.git'

Usage for "Classic" style applications

require 'rubygems'
require 'sinatra'
require 'sinatra/simple_auth'

enable :sessions
set    :home, '/secure/' #where user should be redirected after successful authorization

def authorize(login, password)
  # return value will be saved in session[:user_id]
  login if login == 'bob' && password == 'secret'
end

get '/login/?' do
  erb :login #page with logon form
end

get '/secure/?' do
  login_required #protected route, requires auth
  erb :secure
end

get '/' do
  if authorized? #helper method
    "Hello, your user id is: #{session[:user_id]}"
  else
    "Not authorized"
  end
end

Usage for "Classy" (modular) style applications

In your config.ru you can mount your protected app under a URL prefix (e.g. /admin):

require 'rubygems'
require 'sinatra/base'
require 'admin_application'
require 'public_application'

map '/admin' do
  run AdminApplication
end

map '/' do
  run PublicApplication
end

Your protected application could then look something like this:

require 'sinatra/simple_auth'

class AdminApplication < Sinatra::Base
  register Sinatra::SimpleAuth

  enable :sessions
  set    :home, '/' # relative to url prefix from config.ru. 
                    # this is where user should be redirected after successful authorization

  def authorize(login, password)
    # return value will be saved in session[:user_id]
    login if login == 'bob' && password == 'secret'
  end

  before do
    login_required unless request.path_info =~ /^\/login\/?$/
  end

  get '/login/?' do
    erb :login #page with logon form
  end

  get '/' do
    if authorized? #helper method
      "Hello, your user id is: #{session[:user_id]}"
    else
      "Not authorized"
    end
  end
end
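
A hardened authorize for either style above, as an added example that is not part of this gem or its original README: it checks the password against a salted PBKDF2 hash with a constant-time comparison instead of a plaintext literal in source. The USERS store, the helper names and the iteration count are assumptions; the only contract taken from the README is that the return value is saved in session[:user_id], with nil assumed to mean a failed login.

```ruby
require 'openssl'
require 'securerandom'

# Assumed work factor and key length; tune the iteration count for your hardware.
PBKDF2_ITERATIONS = 100_000
PBKDF2_KEY_LEN    = 32

# Derive a password hash with PBKDF2-HMAC-SHA256.
def derive_key(password, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, PBKDF2_ITERATIONS,
                             PBKDF2_KEY_LEN, OpenSSL::Digest.new('SHA256'))
end

# Build the record that would be persisted for a user (random salt + derived key).
def new_credential(password)
  salt = SecureRandom.random_bytes(16)
  { salt: salt, key: derive_key(password, salt) }.freeze
end

# Compare two byte strings without returning early on the first mismatch.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Constructed user store standing in for a database (hypothetical).
USERS = { 'bob' => new_credential('secret') }.freeze

# Dummy record so an unknown login costs the same work as a known one.
DUMMY = new_credential(SecureRandom.hex(16))

# Same signature as the README's hook: returns the login on success, nil otherwise.
def authorize(login, password)
  record    = USERS[login.to_s]
  reference = record || DUMMY
  candidate = derive_key(password.to_s, reference[:salt])
  matched   = secure_equal?(candidate, reference[:key])
  login if record && matched
end
```

In a real application the records in USERS would be created once at signup and loaded from storage, never derived from a password written in the source file.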