vendor/rails/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/basic.rb

   1 require 'rack/auth/abstract/handler'
   2 require 'rack/auth/abstract/request'
   3
   4 module Rack
   5   module Auth
   6     # Rack::Auth::Basic implements HTTP Basic Authentication, as per RFC 2617.
   7     #
   8     # Initialize with the Rack application that you want protecting,
   9     # and a block that checks if a username and password pair are valid.
  10     #
  11     # See also: <tt>example/protectedlobster.rb</tt>
  12
  13     class Basic < AbstractHandler
  14
  15       def call(env)
  16         auth = Basic::Request.new(env)
  17
  18         return unauthorized unless auth.provided?
  19
  20         return bad_request unless auth.basic?
  21
  22         if valid?(auth)
  23           env['REMOTE_USER'] = auth.username
  24
  25           return @app.call(env)
  26         end
  27
  28         unauthorized
  29       end
  30
  31
  32       private
  33
  34       def challenge
  35         'Basic realm="%s"' % realm
  36       end
  37
  38       def valid?(auth)
  39         @authenticator.call(*auth.credentials)
  40       end
  41
  42       class Request < Auth::AbstractRequest
  43         def basic?
  44           :basic == scheme
  45         end
  46
  47         def credentials
  48           @credentials ||= params.unpack("m*").first.split(/:/, 2)
  49         end
  50
  51         def username
  52           credentials.first
  53         end
  54       end
  55
  56     end
  57   end
  58 end