Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/gnab/sinatra-authorize
Smooth authentication-agnostic rule-based authorization extension for Sinatra.
https://github.com/gnab/sinatra-authorize
Last synced: 27 days ago
JSON representation
Smooth authentication-agnostic rule-based authorization extension for Sinatra.
- Host: GitHub
- URL: https://github.com/gnab/sinatra-authorize
- Owner: gnab
- License: mit
- Created: 2011-04-16T14:28:31.000Z (over 13 years ago)
- Default Branch: master
- Last Pushed: 2011-05-21T18:59:30.000Z (over 13 years ago)
- Last Synced: 2024-05-13T23:20:51.431Z (7 months ago)
- Language: Ruby
- Homepage: https://github.com/gnab/sinatra-authorize
- Size: 97.7 KB
- Stars: 10
- Watchers: 4
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: HISTORY.md
- License: LICENSE
Awesome Lists containing this project
- awesome-sinatra - Sinatra-authorize - Smooth authentication-agnostic rule-based (Authroization)
README
# sinatra-authorize
### Authentication-agnostic rule-based authorization extension for Sinatra
Provides a flexible rule-based authorization framework:
* Define `authorize` block for evaluating rules
* Set default rule for all routes
* Override default rule per routeChoice of authentication approach is entirely up to the application.
### Installation
gem install sinatra-authorize
### Usage
Define `authorize` block for evaluating rules, and optionally set the default rule:
authorize :deny => :all do |rule, args|
# evaluate rule
endOmitting a default rule when defining the `authorize` block makes
`:allow => []` the default rule.Override default rule per route:
get '/', :allow => :all do
# :allow => :all rule overrides default :deny => :all rule
endAuthorization is performed just before the route is evaluated, after the
pattern has been matched and any other conditions have been evaluated.#### Usage scenario
Simple scenario with default `:allow` rule, which is overriden for protected
routes:require 'sinatra'
require 'sinatra/authorize'enable :sessions
authorize do |rule, args|
if args == [:user]
session[:user] != nil
elsif args == [:admin]
session[:admin] != nil
end
end# Availabe to all, as default rule is :allow => []
get '/' do
end# Availabe to all, as default rule is :allow => []
post '/authenticate' do
if params[:username] == 'username' && params[:password] == 'password'
session[:user] = params[:username]if session[:user] == 'admin'
session[:admin] = true
end
end
end# Only run for authorized user requests, because of override rule
get '/content/:id', :allow => :user do
end# Only run for authorized admin requests, because of override rule
get '/admin/content/:id', :allow => :admin do
endThe `authorize` block only needs to handle the `:allow` rules present in the
scenario. Also, only the rule arguments used, `:user` and `:admin`, are
accounted for. No default rule is set when defining the `authorize` block,
thus making `:allow => []` the default rule. The routes `/` and `/authenticate`
is evaluated using the default `:allow` rule, whereas the `/content/:id` and
`/admin/content:id` routes override the default rule.### License
sinatra-authorize is licensed under the MIT license. See LICENCE for further
details.