module Ramaze::Helper::Auth

The Auth helper can be used for authentication without using a model. This can be useful when working with very basic applications that don't require database access.

If you're looking for a way to do authentication using a model you should take a look at Helper::User instead.

Public Class Methods

included(into) click to toggle source
# File lib/ramaze/helper/auth.rb, line 22
def self.included(into)
  into.helper(:stack)
end

Public Instance Methods

login() click to toggle source

Log a user in based on the :username and :password key in the request hash.

@return [String] The login template in case the user's login data was

incorrect.
# File lib/ramaze/helper/auth.rb, line 33
def login
  if trait[:auth_post_only] and !request.post?
    return auth_template
  end

  @username, password = request[:username, :password]

  answer(request.referer) if auth_login(@username, password)

  return auth_template
end
logout() click to toggle source

Log the user out and redirect him back to the previous page.

# File lib/ramaze/helper/auth.rb, line 48
def logout
  auth_logout
  redirect_referrer
end

Private Instance Methods

auth_login(user, pass) click to toggle source

Try to log the user in based on the username and password. This method is called by the login() method and shouldn't be called directly.

@param [String] user The users's username. @param [String] pass The user's password.

# File lib/ramaze/helper/auth.rb, line 81
def auth_login(user, pass)
  return unless user and pass
  return if user.empty? or pass.empty?

  return unless table   = ancestral_trait[:auth_table]
  return unless hashify = ancestral_trait[:auth_hashify]

  if table.respond_to?(:to_sym) or table.respond_to?(:to_str)
    table = send(table)
  elsif table.respond_to?(:call)
    table = table.call
  end

  return unless table[user] == hashify.call(pass)

  session[:logged_in] = true
  session[:username]  = user
end
auth_logout() click to toggle source

Remove the session items that specified that the user was logged in.

# File lib/ramaze/helper/auth.rb, line 103
def auth_logout
  session.delete(:logged_in)
  session.delete(:username)
end
auth_template() click to toggle source

Method that returns a small form that can be used for logging in.

@return [String] The login form.

# File lib/ramaze/helper/auth.rb, line 112
      def auth_template
        "<form method="post" action="#{r(:login)}">
  <ul style="list-style:none;">
    <li>Username: <input type="text" name="username" value="#@username"/></li>
    <li>Password: <input type="password" name="password" /></li>
    <li><input type="submit" /></li>
  </ul>
</form>
".strip!
      end
logged_in?() click to toggle source

Validate the user's session and return a boolean that indicates if the user is logged in or not.

@return [true false] Whether user is logged in right now

# File lib/ramaze/helper/auth.rb, line 69
def logged_in?
  !!session[:logged_in]
end
login_required() click to toggle source

Validate the user's session and redirect him/her to the login page in case the user isn't logged in.

# File lib/ramaze/helper/auth.rb, line 59
def login_required
  call(r(:login)) unless logged_in?
end