module ASF::Auth

Rack support for HTTP Authorization, contains a number of classes that can be used within a config.ru of a Passenger application.

Public Class Methods

decode(env) click to toggle source

decode HTTP authorization, when present

# File lib/whimsy/asf/rack.rb, line 10
def self.decode(env)
  class << env; attr_accessor :user, :password; end

  if ENV['PASSENGER_APP_ENV']
    auth = env['HTTP_AUTHORIZATION']
  else # only use ENV if not a Passenger app
    auth = ENV['HTTP_AUTHORIZATION']
  end

  if auth.to_s.empty?
    env.user = env['REMOTE_USER'] || ENV['USER'] || Etc.getpwuid.name
  else
    require 'base64'
    env.user, env.password = Base64.
      decode64(auth[/^Basic ([A-Za-z0-9+\/=]+)$/, 1].to_s).split(':', 2)
  end

  env['REMOTE_USER'] ||= env.user

  ASF::Person.new(env.user)
end