Basic Authentication for WEBrick
Use this class to add basic authentication to a WEBrick
servlet.
Here is an example of how to set up a BasicAuth:
config = { :Realm => 'BasicAuth example realm' } htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file', password_hash: :bcrypt htpasswd.set_passwd config[:Realm], 'username', 'password' htpasswd.flush config[:UserDB] = htpasswd basic_auth = WEBrick::HTTPAuth::BasicAuth.new config
Constants
No documentation available
Attributes
Read
No documentation available
Read
No documentation available
Read
No documentation available
Class Methods
lib/webrick/httpauth/basicauth.rb
View on GitHub
# File tmp/rubies/ruby-2.7.6/lib/webrick/httpauth/basicauth.rb, line 43
def self.make_passwd(realm, user, pass)
pass ||= ""
pass.crypt(Utils::random_string(2))
end
Used by UserDB
to create a basic password entry
lib/webrick/httpauth/basicauth.rb
View on GitHub
# File tmp/rubies/ruby-2.7.6/lib/webrick/httpauth/basicauth.rb, line 61
def initialize(config, default=Config::BasicAuth)
check_init(config)
@config = default.dup.update(config)
end
Creates a new BasicAuth
instance.
See WEBrick::Config::BasicAuth for default configuration entries
You must supply the following configuration entries:
- :Realm
-
The name of the realm being protected.
- :UserDB
-
A database of usernames and passwords. A
WEBrick::HTTPAuth::Htpasswd
instance should be used.
Instance Methods
lib/webrick/httpauth/basicauth.rb
View on GitHub
# File tmp/rubies/ruby-2.7.6/lib/webrick/httpauth/basicauth.rb, line 70
def authenticate(req, res)
unless basic_credentials = check_scheme(req)
challenge(req, res)
end
userid, password = basic_credentials.unpack("m*")[0].split(":", 2)
password ||= ""
if userid.empty?
error("user id was not given.")
challenge(req, res)
end
unless encpass = @userdb.get_passwd(@realm, userid, @reload_db)
error("%s: the user is not allowed.", userid)
challenge(req, res)
end
case encpass
when /\A\$2[aby]\$/
password_matches = BCrypt::Password.new(encpass.sub(/\A\$2[aby]\$/, '$2a$')) == password
else
password_matches = password.crypt(encpass) == encpass
end
unless password_matches
error("%s: password unmatch.", userid)
challenge(req, res)
end
info("%s: authentication succeeded.", userid)
req.user = userid
end
Authenticates a req
and returns a 401 Unauthorized using res
if the authentication was not correct.
lib/webrick/httpauth/basicauth.rb
View on GitHub
# File tmp/rubies/ruby-2.7.6/lib/webrick/httpauth/basicauth.rb, line 103
def challenge(req, res)
res[@response_field] = "#{@auth_scheme} realm=\"#{@realm}\""
raise @auth_exception
end
Returns a challenge response which asks for authentication information