Htdigest
accesses apache-compatible digest password files. Passwords are matched to a realm where they are valid. For security, the path for a digest password database should be stored outside of the paths available to the HTTP server.
Htdigest
is intended for use with WEBrick::HTTPAuth::DigestAuth
and stores passwords using cryptographic hashes.
htpasswd = WEBrick::HTTPAuth::Htdigest.new 'my_password_file' htpasswd.set_passwd 'my realm', 'username', 'password' htpasswd.flush
# File tmp/rubies/ruby-2.5.9/lib/webrick/httpauth/htdigest.rb, line 37
def initialize(path)
@path = path
@mtime = Time.at(0)
@digest = Hash.new
@mutex = Thread::Mutex::new
@auth_type = DigestAuth
File.open(@path,"a").close unless File.exist?(@path)
reload
end
Open a digest password database at path
# File tmp/rubies/ruby-2.5.9/lib/webrick/httpauth/htdigest.rb, line 113
def delete_passwd(realm, user)
if hash = @digest[realm]
hash.delete(user)
end
end
Removes a password from the database for user
in realm
.
# File tmp/rubies/ruby-2.5.9/lib/webrick/httpauth/htdigest.rb, line 122
def each # :yields: [user, realm, password_hash]
@digest.keys.sort.each{|realm|
hash = @digest[realm]
hash.keys.sort.each{|user|
yield([user, realm, hash[user]])
}
}
end
Iterate passwords in the database.
# File tmp/rubies/ruby-2.5.9/lib/webrick/httpauth/htdigest.rb, line 72
def flush(output=nil)
output ||= @path
tmp = Tempfile.create("htpasswd", File::dirname(output))
renamed = false
begin
each{|item| tmp.puts(item.join(":")) }
tmp.close
File::rename(tmp.path, output)
renamed = true
ensure
tmp.close
File.unlink(tmp.path) if !renamed
end
end
Flush the password database. If output
is given the database will be written there instead of to the original path.
# File tmp/rubies/ruby-2.5.9/lib/webrick/httpauth/htdigest.rb, line 91
def get_passwd(realm, user, reload_db)
reload() if reload_db
if hash = @digest[realm]
hash[user]
end
end
Retrieves a password from the database for user
in realm
. If reload_db
is true the database will be reloaded first.
# File tmp/rubies/ruby-2.5.9/lib/webrick/httpauth/htdigest.rb, line 50
def reload
mtime = File::mtime(@path)
if mtime > @mtime
@digest.clear
File.open(@path){|io|
while line = io.gets
line.chomp!
user, realm, pass = line.split(/:/, 3)
unless @digest[realm]
@digest[realm] = Hash.new
end
@digest[realm][user] = pass
end
}
@mtime = mtime
end
end
Reloads passwords from the database
# File tmp/rubies/ruby-2.5.9/lib/webrick/httpauth/htdigest.rb, line 101
def set_passwd(realm, user, pass)
@mutex.synchronize{
unless @digest[realm]
@digest[realm] = Hash.new
end
@digest[realm][user] = make_passwd(realm, user, pass)
}
end
Sets a password in the database for user
in realm
to pass
.