module Ramaze::Helper::Auth
The Auth helper can be used for authentication without using a model. This can be useful when working with very basic applications that don't require database access.
If you're looking for a way to do authentication using a model you should take a look at Helper::User instead.
Public Class Methods
# File lib/ramaze/helper/auth.rb, line 22 def self.included(into) into.helper(:stack) end
Public Instance Methods
Log a user in based on the :username and :password key in the request hash.
@return [String] The login template in case the user's login data was
incorrect.
# File lib/ramaze/helper/auth.rb, line 33 def login if trait[:auth_post_only] and !request.post? return auth_template end @username, password = request[:username, :password] answer(request.referer) if auth_login(@username, password) return auth_template end
Log the user out and redirect him back to the previous page.
# File lib/ramaze/helper/auth.rb, line 48 def logout auth_logout redirect_referrer end
Private Instance Methods
Try to log the user in based on the username and password. This method is called by the login() method and shouldn't be called directly.
@param [String] user The users's username. @param [String] pass The user's password.
# File lib/ramaze/helper/auth.rb, line 81 def auth_login(user, pass) return unless user and pass return if user.empty? or pass.empty? return unless table = ancestral_trait[:auth_table] return unless hashify = ancestral_trait[:auth_hashify] if table.respond_to?(:to_sym) or table.respond_to?(:to_str) table = send(table) elsif table.respond_to?(:call) table = table.call end return unless table[user] == hashify.call(pass) session[:logged_in] = true session[:username] = user end
Remove the session items that specified that the user was logged in.
# File lib/ramaze/helper/auth.rb, line 103 def auth_logout session.delete(:logged_in) session.delete(:username) end
Method that returns a small form that can be used for logging in.
@return [String] The login form.
# File lib/ramaze/helper/auth.rb, line 112 def auth_template "<form method="post" action="#{r(:login)}"> <ul style="list-style:none;"> <li>Username: <input type="text" name="username" value="#@username"/></li> <li>Password: <input type="password" name="password" /></li> <li><input type="submit" /></li> </ul> </form> ".strip! end
Validate the user's session and return a boolean that indicates if the user is logged in or not.
@return [true false] Whether user is logged in right now
# File lib/ramaze/helper/auth.rb, line 69 def logged_in? !!session[:logged_in] end
Validate the user's session and redirect him/her to the login page in case the user isn't logged in.
# File lib/ramaze/helper/auth.rb, line 59 def login_required call(r(:login)) unless logged_in? end