Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is a very simple authentication scheme for Sinatra/Rack

Tags:

ruby

forms-authentication

sinatra

I am busy porting a very small web app from ASP.NET MVC 2 to Ruby/Sinatra.

In the MVC app, FormsAuthentication.SetAuthCookie was being used to set a persistent cookie when the users login was validated correctly against the database.

I was wondering what the equivalent of Forms Authentication would be in Sinatra? All the authentication frameworks seem very bulky and not really what I'm looking for.

like image 243
AndrewVos Avatar asked Aug 24 '10 18:08

AndrewVos

2 Answers

Here is a very simple authentication scheme for Sinatra.

I’ll explain how it works below.

class App < Sinatra::Base   set :sessions => true    register do     def auth (type)       condition do         redirect "/login" unless send("is_#{type}?")       end     end   end    helpers do     def is_user?       @user != nil     end   end    before do     @user = User.get(session[:user_id])   end    get "/" do     "Hello, anonymous."   end    get "/protected", :auth => :user do     "Hello, #{@user.name}."   end    post "/login" do     session[:user_id] = User.authenticate(params).id   end    get "/logout" do     session[:user_id] = nil   end end

For any route you want to protect, add the :auth => :user condition to it, as in the /protected example above. That will call the auth method, which adds a condition to the route via condition.

The condition calls the is_user? method, which has been defined as a helper. The method should return true or false depending on whether the session contains a valid account id. (Calling helpers dynamically like this makes it simple to add other types of users with different privileges.)

Finally, the before handler sets up a @user instance variable for every request for things like displaying the user’s name at the top of each page. You can also use the is_user? helper in your views to determine if the user is logged in.

like image 86
Todd Yandell Avatar answered Sep 18 '22 12:09

Todd Yandell

Todd's answer does not work for me, and I found an even simpler solution for one-off dead simple authentication in Sinatra's FAQ:

require 'rubygems' require 'sinatra'  use Rack::Auth::Basic, "Restricted Area" do |username, password|     [username, password] == ['admin', 'admin']   end  get '/' do     "You're welcome" end

I thought I would share it just in case anyone wandered this question and needed a non-persistent solution.

like image 33
Ralphleon Avatar answered Sep 20 '22 12:09

Ralphleon
Sign in to Comment

Related questions

Ruby how to write to Tempfile
Ruby loading config (yaml) file in same dir as source
Iterating between two DateTimes, with a one hour step
How to rescue an eval in Ruby?
Is there a Rails equivalent to PHP's isset()?
Integer value of a character in ruby?
Reverse a string in Ruby
How to assert on number of html table rows in ruby using capybara + cucumber
Using question mark character in Rails/ActiveRecord column name
Rails Model without a table
Built in method for testing either nil or empty array?
Access translation file (i18n) from inside rails model
How do I convert a string to a class method?
Are there something like Python generators in Ruby?
How do I install sqlite3 for Ruby on Windows?
How can I initialize an Array inside a Hash in Ruby [duplicate]
How can I check if a Ruby array includes one of several values?
How can I make a check box default to being "checked" in Rails 1.2.3?
Ruby datetime suitable for mysql comparison
Undefined Method attr_accessible

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!