zimbatm is proud to present you this little tip:

Your own HTBASIC authentication

Here is some code that will let you easily implement your own HTBASIC authentication

module AuthHelper
    def self.included(klass)
      klass.class_eval {
        before :check_access
      }
    end

  protected

    def check_access
    
      user, pass = read_htbasic

      # TODO : Implement the auth mechanism here, also check for the URL, ...
      if "admin" == user and "pass" == pass
        return
      else
        send_htbasic
      end

    end

    def read_htbasic
      user, pass = '', ''

      if request.env.has_key? 'X-HTTP_AUTHORIZATION'
        authdata = @request.env['X-HTTP_AUTHORIZATION'].to_s.split
      elsif request.env.has_key? 'HTTP_AUTHORIZATION'
        authdata = @request.env['HTTP_AUTHORIZATION'].to_s.split
      end

      if authdata and authdata[0] == 'Basic'
        user, pass = Base64.decode64(authdata[1]).split(':')[0..1]
      end

      return [user, pass]
    end

    def send_htbasic(realm = "Authentication needed")
      @context.status = 401
      @context.out = "Unable to authenticate"
      @context.response_headers["Status"] = "Unauthorized"
      @context.response_headers["WWW-Authenticate"] = "Basic realm="#{realm}""
      raise RenderExit
    end

  end

Then in your controller :

class MyController < Nitro::Controller
  helper AuthHelper
end

if you want to inherit that class, use the "include" keyword instead because "helper" makes all methods private

Your own HTBASIC authentication

Feed Links

Recent Tips

Popular Questions

Recently Answered

Tags