Contents

# frozen_string_literal: true

require_relative 'abstract/handler'
require_relative 'abstract/request'

module Rack
  module Auth
    # Rack::Auth::Basic implements HTTP Basic Authentication, as per RFC 2617.
    #
    # Initialize with the Rack application that you want protecting,
    # and a block that checks if a username and password pair are valid.

    class Basic < AbstractHandler

      def call(env)
        auth = Basic::Request.new(env)

        return unauthorized unless auth.provided?

        return bad_request unless auth.basic?

        if valid?(auth)
          env['REMOTE_USER'] = auth.username

          return @app.call(env)
        end

        unauthorized
      end


      private

      def challenge
        'Basic realm="%s"' % realm
      end

      def valid?(auth)
        @authenticator.call(*auth.credentials)
      end

      class Request < Auth::AbstractRequest
        def basic?
          "basic" == scheme && credentials.length == 2
        end

        def credentials
          @credentials ||= params.unpack1('m').split(':', 2)
        end

        def username
          credentials.first
        end
      end

    end
  end
end

Version data entries

16 entries across 16 versions & 4 rubygems

Version	Path
rack-3.1.12	lib/rack/auth/basic.rb
rack-3.1.11	lib/rack/auth/basic.rb
rack-3.1.10	lib/rack/auth/basic.rb
tailscale_middleware-0.0.3	vendor/cache/ruby/3.4.0/gems/rack-3.1.9/lib/rack/auth/basic.rb
rack-3.1.9	lib/rack/auth/basic.rb
minato_ruby_api_client-0.2.2	vendor/bundle/ruby/3.2.0/gems/rack-3.1.7/lib/rack/auth/basic.rb
rack-3.1.8	lib/rack/auth/basic.rb
rack-3.1.7	lib/rack/auth/basic.rb
rack-3.1.6	lib/rack/auth/basic.rb
rack-3.1.5	lib/rack/auth/basic.rb
rack-3.1.4	lib/rack/auth/basic.rb
katalyst-govuk-formbuilder-1.9.2	vendor/bundle/ruby/3.3.0/gems/rack-3.1.3/lib/rack/auth/basic.rb
rack-3.1.3	lib/rack/auth/basic.rb
rack-3.1.2	lib/rack/auth/basic.rb
rack-3.1.1	lib/rack/auth/basic.rb
rack-3.1.0	lib/rack/auth/basic.rb