File: C:/Ruby27-x64/share/doc/ruby/html/WEBrick/HTTPAuth/BasicAuth.html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>class WEBrick::HTTPAuth::BasicAuth - RDoc Documentation</title>
<script type="text/javascript">
var rdoc_rel_prefix = "../../";
var index_rel_prefix = "../../";
</script>
<script src="../../js/navigation.js" defer></script>
<script src="../../js/search.js" defer></script>
<script src="../../js/search_index.js" defer></script>
<script src="../../js/searcher.js" defer></script>
<script src="../../js/darkfish.js" defer></script>
<link href="../../css/fonts.css" rel="stylesheet">
<link href="../../css/rdoc.css" rel="stylesheet">
<body id="top" role="document" class="class">
<nav role="navigation">
<div id="project-navigation">
<div id="home-section" role="region" title="Quick navigation" class="nav-section">
<h2>
<a href="../../index.html" rel="home">Home</a>
</h2>
<div id="table-of-contents-navigation">
<a href="../../table_of_contents.html#pages">Pages</a>
<a href="../../table_of_contents.html#classes">Classes</a>
<a href="../../table_of_contents.html#methods">Methods</a>
</div>
</div>
<div id="search-section" role="search" class="project-section initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<div id="search-field-wrapper">
<input id="search-field" role="combobox" aria-label="Search"
aria-autocomplete="list" aria-controls="search-results"
type="text" name="search" placeholder="Search" spellcheck="false"
title="Type to search, Up and Down to navigate, Enter to load">
</div>
<ul id="search-results" aria-label="Search Results"
aria-busy="false" aria-expanded="false"
aria-atomic="false" class="initially-hidden"></ul>
</form>
</div>
</div>
<div id="class-metadata">
<div id="parent-class-section" class="nav-section">
<h3>Parent</h3>
<p class="link"><a href="../../Object.html">Object</a>
</div>
<div id="includes-section" class="nav-section">
<h3>Included Modules</h3>
<ul class="link-list">
<li><a class="include" href="Authenticator.html">WEBrick::HTTPAuth::Authenticator</a>
</ul>
</div>
<!-- Method Quickref -->
<div id="method-list-section" class="nav-section">
<h3>Methods</h3>
<ul class="link-list" role="directory">
<li ><a href="#method-c-make_passwd">::make_passwd</a>
<li ><a href="#method-c-new">::new</a>
<li ><a href="#method-i-authenticate">#authenticate</a>
<li ><a href="#method-i-challenge">#challenge</a>
</ul>
</div>
</div>
</nav>
<main role="main" aria-labelledby="class-WEBrick::HTTPAuth::BasicAuth">
<h1 id="class-WEBrick::HTTPAuth::BasicAuth" class="class">
class WEBrick::HTTPAuth::BasicAuth
</h1>
<section class="description">
<p>Basic Authentication for <a href="../../WEBrick.html"><code>WEBrick</code></a></p>
<p>Use this class to add basic authentication to a <a href="../../WEBrick.html"><code>WEBrick</code></a> servlet.</p>
<p>Here is an example of how to set up a BasicAuth:</p>
<pre class="ruby"><span class="ruby-identifier">config</span> = { <span class="ruby-value">:Realm</span> <span class="ruby-operator">=></span> <span class="ruby-string">'BasicAuth example realm'</span> }
<span class="ruby-identifier">htpasswd</span> = <span class="ruby-constant">WEBrick</span><span class="ruby-operator">::</span><span class="ruby-constant">HTTPAuth</span><span class="ruby-operator">::</span><span class="ruby-constant">Htpasswd</span>.<span class="ruby-identifier">new</span> <span class="ruby-string">'my_password_file'</span>, <span class="ruby-value">password_hash:</span> <span class="ruby-value">:bcrypt</span>
<span class="ruby-identifier">htpasswd</span>.<span class="ruby-identifier">set_passwd</span> <span class="ruby-identifier">config</span>[<span class="ruby-value">:Realm</span>], <span class="ruby-string">'username'</span>, <span class="ruby-string">'password'</span>
<span class="ruby-identifier">htpasswd</span>.<span class="ruby-identifier">flush</span>
<span class="ruby-identifier">config</span>[<span class="ruby-value">:UserDB</span>] = <span class="ruby-identifier">htpasswd</span>
<span class="ruby-identifier">basic_auth</span> = <span class="ruby-constant">WEBrick</span><span class="ruby-operator">::</span><span class="ruby-constant">HTTPAuth</span><span class="ruby-operator">::</span><span class="ruby-constant">BasicAuth</span>.<span class="ruby-identifier">new</span> <span class="ruby-identifier">config</span>
</pre>
</section>
<section id="5Buntitled-5D" class="documentation-section">
<section class="attribute-method-details" class="method-section">
<header>
<h3>Attributes</h3>
</header>
<div id="attribute-i-logger" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">logger</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
</div>
</div>
<div id="attribute-i-realm" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">realm</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
</div>
</div>
<div id="attribute-i-userdb" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">userdb</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
</div>
</div>
</section>
<section id="public-class-5Buntitled-5D-method-details" class="method-section">
<header>
<h3>Public Class Methods</h3>
</header>
<div id="method-c-make_passwd" class="method-detail ">
<div class="method-heading">
<span class="method-name">make_passwd</span><span
class="method-args">(realm, user, pass)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Used by <a href="UserDB.html"><code>UserDB</code></a> to create a basic password entry</p>
<div class="method-source-code" id="make_passwd-source">
<pre><span class="ruby-comment"># File lib/webrick/httpauth/basicauth.rb, line 43</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier ruby-title">make_passwd</span>(<span class="ruby-identifier">realm</span>, <span class="ruby-identifier">user</span>, <span class="ruby-identifier">pass</span>)
<span class="ruby-identifier">pass</span> <span class="ruby-operator">||=</span> <span class="ruby-string">""</span>
<span class="ruby-identifier">pass</span>.<span class="ruby-identifier">crypt</span>(<span class="ruby-constant">Utils</span><span class="ruby-operator">::</span><span class="ruby-identifier">random_string</span>(<span class="ruby-value">2</span>))
<span class="ruby-keyword">end</span></pre>
</div>
</div>
</div>
<div id="method-c-new" class="method-detail ">
<div class="method-heading">
<span class="method-name">new</span><span
class="method-args">(config, default=Config::BasicAuth)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Creates a new <a href="BasicAuth.html"><code>BasicAuth</code></a> instance.</p>
<p>See WEBrick::Config::BasicAuth for default configuration entries</p>
<p>You must supply the following configuration entries:</p>
<dl class="rdoc-list note-list"><dt>:Realm
<dd>
<p>The name of the realm being protected.</p>
</dd><dt>:UserDB
<dd>
<p>A database of usernames and passwords. A <a href="Htpasswd.html"><code>WEBrick::HTTPAuth::Htpasswd</code></a> instance should be used.</p>
</dd></dl>
<div class="method-source-code" id="new-source">
<pre><span class="ruby-comment"># File lib/webrick/httpauth/basicauth.rb, line 61</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">initialize</span>(<span class="ruby-identifier">config</span>, <span class="ruby-identifier">default</span>=<span class="ruby-constant">Config</span><span class="ruby-operator">::</span><span class="ruby-constant">BasicAuth</span>)
<span class="ruby-identifier">check_init</span>(<span class="ruby-identifier">config</span>)
<span class="ruby-ivar">@config</span> = <span class="ruby-identifier">default</span>.<span class="ruby-identifier">dup</span>.<span class="ruby-identifier">update</span>(<span class="ruby-identifier">config</span>)
<span class="ruby-keyword">end</span></pre>
</div>
</div>
</div>
</section>
<section id="public-instance-5Buntitled-5D-method-details" class="method-section">
<header>
<h3>Public Instance Methods</h3>
</header>
<div id="method-i-authenticate" class="method-detail ">
<div class="method-heading">
<span class="method-name">authenticate</span><span
class="method-args">(req, res)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Authenticates a <code>req</code> and returns a 401 Unauthorized using <code>res</code> if the authentication was not correct.</p>
<div class="method-source-code" id="authenticate-source">
<pre><span class="ruby-comment"># File lib/webrick/httpauth/basicauth.rb, line 70</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">authenticate</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>)
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">basic_credentials</span> = <span class="ruby-identifier">check_scheme</span>(<span class="ruby-identifier">req</span>)
<span class="ruby-identifier">challenge</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">userid</span>, <span class="ruby-identifier">password</span> = <span class="ruby-identifier">basic_credentials</span>.<span class="ruby-identifier">unpack</span>(<span class="ruby-string">"m*"</span>)[<span class="ruby-value">0</span>].<span class="ruby-identifier">split</span>(<span class="ruby-string">":"</span>, <span class="ruby-value">2</span>)
<span class="ruby-identifier">password</span> <span class="ruby-operator">||=</span> <span class="ruby-string">""</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">userid</span>.<span class="ruby-identifier">empty?</span>
<span class="ruby-identifier">error</span>(<span class="ruby-string">"user id was not given."</span>)
<span class="ruby-identifier">challenge</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">encpass</span> = <span class="ruby-ivar">@userdb</span>.<span class="ruby-identifier">get_passwd</span>(<span class="ruby-ivar">@realm</span>, <span class="ruby-identifier">userid</span>, <span class="ruby-ivar">@reload_db</span>)
<span class="ruby-identifier">error</span>(<span class="ruby-string">"%s: the user is not allowed."</span>, <span class="ruby-identifier">userid</span>)
<span class="ruby-identifier">challenge</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">case</span> <span class="ruby-identifier">encpass</span>
<span class="ruby-keyword">when</span> <span class="ruby-regexp">/\A\$2[aby]\$/</span>
<span class="ruby-identifier">password_matches</span> = <span class="ruby-constant">BCrypt</span><span class="ruby-operator">::</span><span class="ruby-constant">Password</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">encpass</span>.<span class="ruby-identifier">sub</span>(<span class="ruby-regexp">/\A\$2[aby]\$/</span>, <span class="ruby-string">'$2a$'</span>)) <span class="ruby-operator">==</span> <span class="ruby-identifier">password</span>
<span class="ruby-keyword">else</span>
<span class="ruby-identifier">password_matches</span> = <span class="ruby-identifier">password</span>.<span class="ruby-identifier">crypt</span>(<span class="ruby-identifier">encpass</span>) <span class="ruby-operator">==</span> <span class="ruby-identifier">encpass</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">password_matches</span>
<span class="ruby-identifier">error</span>(<span class="ruby-string">"%s: password unmatch."</span>, <span class="ruby-identifier">userid</span>)
<span class="ruby-identifier">challenge</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">info</span>(<span class="ruby-string">"%s: authentication succeeded."</span>, <span class="ruby-identifier">userid</span>)
<span class="ruby-identifier">req</span>.<span class="ruby-identifier">user</span> = <span class="ruby-identifier">userid</span>
<span class="ruby-keyword">end</span></pre>
</div>
</div>
</div>
<div id="method-i-challenge" class="method-detail ">
<div class="method-heading">
<span class="method-name">challenge</span><span
class="method-args">(req, res)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Returns a challenge response which asks for authentication information</p>
<div class="method-source-code" id="challenge-source">
<pre><span class="ruby-comment"># File lib/webrick/httpauth/basicauth.rb, line 103</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">challenge</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>)
<span class="ruby-identifier">res</span>[<span class="ruby-ivar">@response_field</span>] = <span class="ruby-node">"#{@auth_scheme} realm=\"#{@realm}\""</span>
<span class="ruby-identifier">raise</span> <span class="ruby-ivar">@auth_exception</span>
<span class="ruby-keyword">end</span></pre>
</div>
</div>
</div>
</section>
</section>
</main>
<footer id="validator-badges" role="contentinfo">
<p><a href="https://validator.w3.org/check/referer">Validate</a>
<p>Generated by <a href="https://ruby.github.io/rdoc/">RDoc</a> 6.2.1.1.
<p>Based on <a href="http://deveiate.org/projects/Darkfish-RDoc/">Darkfish</a> by <a href="http://deveiate.org">Michael Granger</a>.
</footer>