Contents

# OpenSesame

OpenSesame is a [Warden](https://github.com/hassox/warden) strategy for providing "walled garden" authentication for access to Rack-based applications via Omniauth. The intent is protect the visibility of your app from the outside world. For example, your company has internal apps and/or staging enviroments for multiple projects and you want something better than HTTP basic auth.

Enter OpenSesame. To authenticate, OpenSesame currently uses Omniauth and the Github API to require that a user is both logged in to Github and a member of the Github organization for which OpenSesame is configured.

## Usage

In your Gemfile:

    $ gem "opensesame"

Register your application(s) with Github for OAuth access. For each application, you need a name, the site url,
and a callback for OAuth. The OmniAuth-Github OAuth strategy used under the hood will expect the callback at mount path + '/github/callback'. So the development version of your client application might be registered as:

    Name: MyApp - local
    URL: http://localhost:3000
    Callback URL: http://localhost:3000/opensesame/github/callback

Configure OpenSesame:

```ruby
# Rails config/initializers/opensesame.rb

require 'opensesame'

OpenSesame.configure do |config|
  config.enable       Rails.env.staging?
  config.github       ENV['GITHUB_APP_ID'], ENV['GITHUB_SECRET']
  config.organization 'challengepost'
  config.mounted_at   '/opensesame'
end
```

Mount OpenSesame in your Rails routes.rb:

```ruby
# Rails config/routes.rb

mount OpenSesame::Engine => "/opensesame", :as => "opensesame"
```

Version data entries

2 entries across 2 versions & 1 rubygems

Version	Path
opensesame-0.1.1	README.md
opensesame-0.1.0	README.md