basic example of Warden authentication with Sinatra
```ruby
require 'warden'

# Store only the user's id in the session and reload the record on each request.
Warden::Manager.serialize_into_session { |user| user.id }
Warden::Manager.serialize_from_session { |id| User.get(id) }

Warden::Manager.before_failure do |env, opts|
  # Sinatra is very sensitive to the request method
  # since authentication could fail on any type of method, we need
  # to set it for the failure app so it is routed to the correct block
  env['REQUEST_METHOD'] = "POST"
end

Warden::Strategies.add(:password) do
  # The strategy runs when either field was submitted; authenticate! decides the outcome.
  def valid?
    params["email"] || params["password"]
  end

  def authenticate!
    u = User.authenticate(params["email"], params["password"])
    u.nil? ? fail!("Could not log in") : success!(u)
  end
end
```
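```ruby
require 'login_management'

# Rack::Session::Cookie only protects the cookie's integrity when a secret is given.
# SESSION_SECRET is an assumed environment variable name; use a long random value.
use Rack::Session::Cookie, secret: ENV.fetch('SESSION_SECRET')

use Warden::Manager do |manager|
  manager.default_strategies :password
  manager.failure_app = LoginManager
end

run LoginManager
```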
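The session cookie carries the serialized `user.id` between requests, so the server has to be able to tell when a client has changed it. As an added example (not part of the original gist, and not Rack's or Warden's own code), this stdlib-only sketch signs a session payload with an HMAC and rejects any cookie whose signature does not verify; the `SignedSession` module, the `user_id` key and the secret are constructed for illustration.

```ruby
require 'openssl'
require 'json'

# Hypothetical helper: cookie value is "<base64 JSON>--<hex HMAC-SHA256>".
module SignedSession
  DIGEST = 'SHA256'

  def self.encode(session, secret)
    data = [JSON.generate(session)].pack('m0') # strict base64, no newlines
    "#{data}--#{OpenSSL::HMAC.hexdigest(DIGEST, secret, data)}"
  end

  # Returns the session hash, or nil when the cookie is missing, malformed,
  # or signed with a different key / altered after signing.
  def self.decode(cookie, secret)
    data, mac = cookie.to_s.split('--', 2)
    return nil if data.nil? || mac.nil?

    expected = OpenSSL::HMAC.hexdigest(DIGEST, secret, data)
    return nil unless secure_compare(expected, mac)

    JSON.parse(data.unpack1('m0'))
  rescue ArgumentError, JSON::ParserError
    nil
  end

  # Compare without returning early on the first differing byte.
  def self.secure_compare(a, b)
    return false unless a.bytesize == b.bytesize

    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end
end

if __FILE__ == $0
  secret = 'constructed-demo-secret-' + ('x' * 40) # constructed sample value
  cookie = SignedSession.encode({ 'user_id' => 1 }, secret)
  p SignedSession.decode(cookie, secret)

  # Same signature, different payload: verification fails.
  altered = [JSON.generate({ 'user_id' => 2 })].pack('m0') + '--' + cookie.split('--', 2).last
  p SignedSession.decode(altered, secret)
end
```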
```ruby
require 'sinatra/base'

class LoginManager < Sinatra::Base
  get "/" do
    haml :welcome
  end

  # Warden's failure app lands here; before_failure rewrote the method to POST.
  post '/unauthenticated/?' do
    status 401
    haml :login
  end

  get '/login/?' do
    haml :login
  end

  post '/login/?' do
    env['warden'].authenticate!
    redirect "/"
  end

  get '/logout/?' do
    env['warden'].logout
    redirect '/'
  end
end
```