| blob | e835361dc223dcf1780e8b02806b6a4390ff5ef9 |
1 #
2 # httpauth/basicauth.rb -- HTTP basic access authentication
3 #
4 # Author: IPR -- Internet Programming with Ruby -- writers
5 # Copyright (c) 2003 Internet Programming with Ruby writers. All rights
6 # reserved.
7 #
8 # $IPR: basicauth.rb,v 1.5 2003/02/20 07:15:47 gotoyuzo Exp $
10 require 'webrick/config'
11 require 'webrick/httpstatus'
12 require 'webrick/httpauth/authenticator'
14 module WEBrick
15 module HTTPAuth
16 class BasicAuth
17 include Authenticator
19 AuthScheme = "Basic"
21 def self.make_passwd(realm, user, pass)
22 pass ||= ""
23 pass.crypt(Utils::random_string(2))
24 end
26 attr_reader :realm, :userdb, :logger
28 def initialize(config, default=Config::BasicAuth)
29 check_init(config)
30 @config = default.dup.update(config)
31 end
33 def authenticate(req, res)
34 unless basic_credentials = check_scheme(req)
35 challenge(req, res)
36 end
37 userid, password = basic_credentials.unpack("m*")[0].split(":", 2)
38 password ||= ""
39 if userid.empty?
40 error("user id was not given.")
41 challenge(req, res)
42 end
43 unless encpass = @userdb.get_passwd(@realm, userid, @reload_db)
44 error("%s: the user is not allowed.", userid)
45 challenge(req, res)
46 end
47 if password.crypt(encpass) != encpass
48 error("%s: password unmatch.", userid)
49 challenge(req, res)
50 end
51 info("%s: authentication succeeded.", userid)
52 req.user = userid
53 end
55 def challenge(req, res)
56 res[@response_field] = "#{@auth_scheme} realm=\"#{@realm}\""
57 raise @auth_exception
58 end
59 end
61 class ProxyBasicAuth < BasicAuth
62 include ProxyAuthenticator
63 end
64 end
65 end