move authorization to branch test

author: mr <mr@mrautenberg.de> 2010-01-19 10:02:09 +0100
committer: mr <mr@mrautenberg.de> 2010-01-19 10:02:09 +0100
commit: 0e7f3c196b123acd9d311f02f09f8b03992cea5f (patch)
tree: 9991c400dc3f01e7c626ed64bd21be9f051e0cf0 /lib/authorization.rb
parent: 253e15cae162d88a269cc86608dd3334cab29cf9 (diff)
1 files changed, 24 insertions, 0 deletions
diff --git a/lib/authorization.rb b/lib/authorization.rb
new file mode 100644
index 0000000..372d52b
--- /dev/null
+++ b/lib/authorization.rb
@@ -0,0 +1,24 @@
+helpers do
+ 
+  def protected!
+    response['WWW-Authenticate'] = %(Basic realm="Testing HTTP Auth") and \
+    throw(:halt, [401, "Not authorized\n"]) and \
+    return unless authorized?
+  end
+ 
+  def authorized?
+    @auth ||= Rack::Auth::Basic::Request.new(request.env)
+    @auth.provided? && @auth.basic? && @auth.credentials && valid_user?
+  end
+  
+  def valid_user?
+    users = @@users[:users]
+    return @auth.credentials == [@auth.username, users.fetch(@auth.username)] if users.has_key?(@auth.username)
+    return false
+  end
+ 
+end
+ 
+before do
+  protected! unless env['REQUEST_METHOD'] == "GET"
+end
+\ No newline at end of file
author	mr <mr@mrautenberg.de>	2010-01-19 10:02:09 +0100
committer	mr <mr@mrautenberg.de>	2010-01-19 10:02:09 +0100
commit	0e7f3c196b123acd9d311f02f09f8b03992cea5f (patch)
tree	9991c400dc3f01e7c626ed64bd21be9f051e0cf0 /lib/authorization.rb
parent	253e15cae162d88a269cc86608dd3334cab29cf9 (diff)