Class: WEBrick::HTTPAuth::BasicAuth
- Inherits:
-
Object
- Object
- WEBrick::HTTPAuth::BasicAuth
- Includes:
- Authenticator
- Defined in:
- lib/webrick/httpauth/basicauth.rb
Overview
Basic Authentication for WEBrick
Use this class to add basic authentication to a WEBrick servlet.
Here is an example of how to set up a BasicAuth:
config = { :Realm => 'BasicAuth example realm' }
htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file', password_hash: :bcrypt
htpasswd.set_passwd config[:Realm], 'username', 'password'
htpasswd.flush
config[:UserDB] = htpasswd
basic_auth = WEBrick::HTTPAuth::BasicAuth.new config
Direct Known Subclasses
Constant Summary collapse
- AuthScheme =
:nodoc:
"Basic"
Constants included from Authenticator
Authenticator::AuthException, Authenticator::RequestField, Authenticator::ResponseField, Authenticator::ResponseInfoField
Instance Attribute Summary collapse
-
#logger ⇒ Object
readonly
Returns the value of attribute logger.
-
#realm ⇒ Object
readonly
Returns the value of attribute realm.
-
#userdb ⇒ Object
readonly
Returns the value of attribute userdb.
Class Method Summary collapse
-
.make_passwd(realm, user, pass) ⇒ Object
Used by UserDB to create a basic password entry.
Instance Method Summary collapse
-
#authenticate(req, res) ⇒ Object
Authenticates a
req
and returns a 401 Unauthorized usingres
if the authentication was not correct. -
#challenge(req, res) ⇒ Object
Returns a challenge response which asks for authentication information.
-
#initialize(config, default = Config::BasicAuth) ⇒ BasicAuth
constructor
Creates a new BasicAuth instance.
Constructor Details
#initialize(config, default = Config::BasicAuth) ⇒ BasicAuth
Creates a new BasicAuth instance.
See WEBrick::Config::BasicAuth for default configuration entries
You must supply the following configuration entries:
- :Realm
-
The name of the realm being protected.
- :UserDB
-
A database of usernames and passwords. A WEBrick::HTTPAuth::Htpasswd instance should be used.
61 62 63 64 |
# File 'lib/webrick/httpauth/basicauth.rb', line 61 def initialize(config, default=Config::BasicAuth) check_init(config) @config = default.dup.update(config) end |
Instance Attribute Details
#logger ⇒ Object (readonly)
Returns the value of attribute logger
48 49 50 |
# File 'lib/webrick/httpauth/basicauth.rb', line 48 def logger @logger end |
#realm ⇒ Object (readonly)
Returns the value of attribute realm
48 49 50 |
# File 'lib/webrick/httpauth/basicauth.rb', line 48 def realm @realm end |
#userdb ⇒ Object (readonly)
Returns the value of attribute userdb
48 49 50 |
# File 'lib/webrick/httpauth/basicauth.rb', line 48 def userdb @userdb end |
Class Method Details
.make_passwd(realm, user, pass) ⇒ Object
Used by UserDB to create a basic password entry
43 44 45 46 |
# File 'lib/webrick/httpauth/basicauth.rb', line 43 def self.make_passwd(realm, user, pass) pass ||= "" pass.crypt(Utils::random_string(2)) end |
Instance Method Details
#authenticate(req, res) ⇒ Object
Authenticates a req
and returns a 401 Unauthorized using res
if the authentication was not correct.
70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 |
# File 'lib/webrick/httpauth/basicauth.rb', line 70 def authenticate(req, res) unless basic_credentials = check_scheme(req) challenge(req, res) end userid, password = basic_credentials.unpack("m*")[0].split(":", 2) password ||= "" if userid.empty? error("user id was not given.") challenge(req, res) end unless encpass = @userdb.get_passwd(@realm, userid, @reload_db) error("%s: the user is not allowed.", userid) challenge(req, res) end case encpass when /\A\$2[aby]\$/ password_matches = BCrypt::Password.new(encpass.sub(/\A\$2[aby]\$/, '$2a$')) == password else password_matches = password.crypt(encpass) == encpass end unless password_matches error("%s: password unmatch.", userid) challenge(req, res) end info("%s: authentication succeeded.", userid) req.user = userid end |
#challenge(req, res) ⇒ Object
Returns a challenge response which asks for authentication information
103 104 105 106 |
# File 'lib/webrick/httpauth/basicauth.rb', line 103 def challenge(req, res) res[@response_field] = "#{@auth_scheme} realm=\"#{@realm}\"" raise @auth_exception end |