Created
September 1, 2009 09:08
#
# AuthPunkInterface
#
# This module is responsible for allowing login via
# HTTP Auth using an API Key (single_access_token)
#
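module AuthPunkInterface
  # Adds a +persist+ callback to the including session class that logs a user
  # in from HTTP Basic credentials, where the password slot carries the user's
  # API key (single_access_token) instead of the account password.
  #
  # Points a reviewer should keep in mind when enabling this:
  #
  # * HTTP Basic only base64-encodes the credentials, so the API key is
  #   readable in transit unless the endpoint is served exclusively over TLS.
  # * The feature is on by default (see Config#allow_http_basic_auth_with_api_key);
  #   applications that do not want it have to switch it off explicitly.
  # * The token check itself is delegated to a model method named
  #   "valid_token?", which is not defined in this file.
  #   NOTE(review): confirm that method compares the token in constant time.
  module HttpBasicApiKey
    # Hook run when the module is included: wires the configuration methods,
    # the instance methods, the +single_access+ flag and the persist callback
    # into the including class.
    def self.included(klass)
      klass.class_eval do
        extend Config
        include Methods
        attr_accessor :single_access
        persist :persist_by_http_auth_with_api_key, :if => :allow_http_basic_auth_with_api_key?
      end
    end

    # Class-level configuration, stored through the host class's +rw_config+.
    module Config
      # Do you want to allow your users to log in via HTTP basic auth using an
      # API Key (single access token)?
      #
      # * <tt>Default:</tt> true
      # * <tt>Accepts:</tt> Boolean
      def allow_http_basic_auth_with_api_key(value = nil)
        rw_config(:allow_http_basic_auth_with_api_key, value, true)
      end
      alias_method :allow_http_basic_auth_with_api_key=, :allow_http_basic_auth_with_api_key

      # Authentication is allowed via a single access token, but maybe this is
      # something you don't want for your application as a whole. Maybe this is
      # something you only want for specific request types. Specify a list of
      # allowed request types and single access authentication will only be
      # allowed for the ones you specify.
      #
      # The value is matched against +controller.request_content_type+, which
      # is presumably taken from the request and therefore chosen by the
      # client. Treat this list as a way to narrow where API keys are
      # accepted, not as an access control a hostile client cannot satisfy.
      #
      # * <tt>Default:</tt> ["application/json", "application/rss+xml", "application/atom+xml"]
      # * <tt>Accepts:</tt> Array of request type strings (an Array containing
      #   :all allows every type), or the bare symbol :all or :any. As written,
      #   a bare String is not an Array and so matches nothing.
      def single_access_allowed_request_types(value = nil)
        rw_config(:single_access_allowed_request_types, value, ["application/json", "application/rss+xml", "application/atom+xml"])
      end
      alias_method :single_access_allowed_request_types=, :single_access_allowed_request_types
    end

    # Instance-side behaviour mixed into the session object.
    module Methods
      private

      # Persist callback: tries to authenticate from HTTP Basic credentials,
      # treating the Basic password as the API key.
      #
      # Returns true when the credentials validate, false otherwise (API login
      # disabled for this request, no or blank credentials, or validation
      # failure). Also records the outcome in +single_access+.
      def persist_by_http_auth_with_api_key
        return false unless api_enabled?

        authenticated = false
        # The verifier is a class-level setting, so every session of this
        # class shares it. Remember the configured value and restore it in
        # +ensure+: if validation raised while it was still "valid_token?",
        # later password logins would be checked against the API key.
        # NOTE(review): the swap is still visible to other threads while this
        # method runs; a per-instance verifier would remove that window.
        previous_verifier = self.class.verify_password_method || "valid_password?"
        self.class.verify_password_method = "valid_token?"
        begin
          controller.authenticate_with_http_basic do |login, token|
            unless login.blank? || token.blank?
              send("#{login_field}=", login)
              send("#{password_field}=", token)
              # Validate once and reuse the result, so validation side
              # effects are not triggered twice for a single request.
              authenticated = valid?
              self.single_access = authenticated
            end
          end
        ensure
          self.class.verify_password_method = previous_verifier
        end
        authenticated
      end

      # Whether API-key login may be attempted for the current request.
      #
      # Requires a single_access_token column on the model. If the controller
      # answers +responds_to_single_access_allowed?+ truthily, its own
      # +single_access_allowed?+ decides; otherwise the request content type
      # is checked against the configured allow-list.
      def api_enabled?
        return false unless klass.column_names.include?("single_access_token")
        return controller.single_access_allowed? if controller.responds_to_single_access_allowed?

        allowed = single_access_allowed_request_types
        case allowed
        when Array
          # Only :all is honoured inside an Array; :any is recognised only as
          # a bare value in the branch below.
          allowed.include?(controller.request_content_type) || allowed.include?(:all)
        else
          [:all, :any].include?(allowed)
        end
      end

      # True only when this session was established through the API key.
      def single_access?
        single_access == true
      end

      # Instance-level reader for the class configuration of the same name.
      def single_access_allowed_request_types
        self.class.single_access_allowed_request_types
      end

      # Guard used by the persist callback's :if option.
      def allow_http_basic_auth_with_api_key?
        self.class.allow_http_basic_auth_with_api_key == true
      end
    end
  end
end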
# Mix API-key HTTP Basic persistence into every Authlogic session class.
# Because the feature defaults to enabled, loading this file turns it on for
# all sessions unless a session class disables it in its configuration.
Authlogic::Session::Base.class_eval { include AuthPunkInterface::HttpBasicApiKey }