lib/proxes/middleware/security.rb in proxes-0.9.13 vs lib/proxes/middleware/security.rb in proxes-0.10.1
- old
+ new
@@ -11,21 +11,21 @@
class Security
attr_reader :logger
def initialize(app, logger = nil)
@app = app
- @logger = logger || ::Ditty::Services::Logger.instance
+ @logger = logger || ::Ditty::Services::Logger
end
def call(env)
request = ProxES::Request.from_env(env)
log(request, 'BEFORE')
check_basic request
authorize request
-
request.index = policy_scope(request) if request.indices?
+
log(request, 'AFTER')
@app.call env
end
@@ -33,10 +33,11 @@
auth = Rack::Auth::Basic::Request.new(request.env)
return false unless auth.provided? && auth.basic?
identity = ::Ditty::Identity.find(username: auth.credentials[0])
identity ||= ::Ditty::Identity.find(username: CGI.unescape(auth.credentials[0]))
- return false unless identity && identity.authenticate(auth.credentials[1])
+ return false unless identity&.authenticate(auth.credentials[1])
+
request.env['rack.session'] ||= {}
request.env['rack.session']['user_id'] = identity.user_id
end
def authorize(request)