rack-devel archive mirror (unofficial) https://groups.google.com/group/rack-devel
 help / color / mirror / Atom feed
From: "Iñaki Baz Castillo" <ibc@aliax.net>
To: rack-devel@googlegroups.com
Subject: Re: How to use Rack::Auth::Digest::MD5
Date: Fri, 18 Dec 2009 19:09:44 +0100	[thread overview]
Message-ID: <200912181909.45101.ibc@aliax.net> (raw)
In-Reply-To: <8601f15a-3436-42e3-a0f3-f9338963201d@b36g2000prf.googlegroups.com>

El Viernes, 18 de Diciembre de 2009, Genta IHA escribió:
> Hello,
> 
> > Hi, could I get an example of Rack::Auth::Digest::MD5 usage? By reading
> > the
> >
> > doc I get confussed:
>  : (snip)
> >
> > Thanks, but what about if I just want to ask for authentication depending
> >  on the URL?
> 
> Please try this example:
> 
> ----
> class DigestAuthApp
>   USERS = {
>     'office' => {
>       'alice' => 'opensesame',
>     },
>     'home' => {
>       'bob' => 'hello',
>     },
>   }
> 
>   def call(env)
>     req = Rack::Request.new(env)
>     return view_global(env) if %r!^/service1/global/! =~ req.fullpath
>     _, user, realm, path = *%r!^/service1/users/(\w+)@([^/]+)/
> (.*)!.match(req.fullpath)
> 
>     # authentication needed for users area
>     env = callcc do |cont|
>       auth = Rack::Auth::Digest::MD5.new(cont, realm) {|u| USERS[realm]
> [user] }
>       auth.opaque = $$.to_s  # or your favorite opaque
>       return auth.call(env)  # => returns 401 if not authenticated
>     end
>     # authenticated
>     req = Rack::Request.new(env)
>     auth_user = req.env['REMOTE_USER']
> 
>     body = ''
>     [['user', auth_user], ['realm', realm], ['path', path]].each do |
> k, v|
>       body += k + ': ' + v + "\n"
>     end
>     [200, {"Content-Type" => "text/plain"}, body]
>   end
> 
>   def view_global(env)
>     [200, {"Content-Type" => "text/plain"}, 'Welcome to global area.
> Enjoy!']
>   end
> end
> ----
> 
> for /service1/users/.*@office/something:
>   alice is permitted. bob is not.
> 
> for /service1/users/.*@home/something:
>   bob is permitted. alice is not.
> 
> for /service1/global/something:
>   Everyone is permitted.


Great! thanksa lot, I'll try it.


-- 
Iñaki Baz Castillo <ibc@aliax.net>

  reply	other threads:[~2009-12-18 18:09 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-10-16 18:33 How to use Rack::Auth::Digest::MD5 Iñaki Baz Castillo
2009-10-18 20:32 ` Iñaki Baz Castillo
2009-10-19 11:33   ` Magnus Holm
2009-10-19 11:54     ` Iñaki Baz Castillo
2009-10-19 12:07       ` Iñaki Baz Castillo
2009-12-18 14:52         ` Genta IHA
2009-12-18 18:09           ` Iñaki Baz Castillo [this message]
2009-12-18 18:41           ` Iñaki Baz Castillo
2009-12-18 19:19             ` Iñaki Baz Castillo
2009-12-18 19:21               ` Iñaki Baz Castillo

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://groups.google.com/group/rack-devel

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200912181909.45101.ibc@aliax.net \
    --to=rack-devel@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).