Class | Warden::Proxy |
In: |
lib/warden/proxy.rb
lib/warden/errors.rb |
Parent: | Object |
ENV_WARDEN_ERRORS | = | 'warden.errors'.freeze |
ENV_SESSION_OPTIONS | = | 'rack.session.options'.freeze |
config | [R] | An accessor to the rack env hash, the proxy owner and its config :api: public |
env | [R] | An accessor to the rack env hash, the proxy owner and its config :api: public |
manager | [R] | An accessor to the rack env hash, the proxy owner and its config :api: public |
winning_strategies | [R] | An accessor to the rack env hash, the proxy owner and its config :api: public |
winning_strategy | [RW] | An accessor to the winning strategy :api: private |
Run the authentiation strategies for the given strategies. If there is already a user logged in for a given scope, the strategies are not run This does not halt the flow of control and is a passive attempt to authenticate only When scope is not specified, the default_scope is assumed.
Parameters:
args - a list of symbols (labels) that name the strategies to attempt opts - an options hash that contains the :scope of the user to check
Example:
env['warden'].authenticate(:password, :basic, :scope => :sudo)
:api: public
The same as authenticate except on failure it will throw an :warden symbol causing the request to be halted and rendered through the failure_app
Example
env['warden'].authenticate!(:password, :scope => :publisher) # throws if it cannot authenticate
:api: public
Same API as authenticated, but returns a boolean instead of a user. The difference between this method (authenticate?) and authenticated? is that the former will run strategies if the user has not yet been authenticated, and the second relies on already performed ones. :api: public
Check to see if there is an authenticated user for the given scope. This brings the user from the session, but does not run strategies before doing so. If you want strategies to be run, please check authenticate?.
Parameters:
scope - the scope to check for authentication. Defaults to default_scope
Example:
env['warden'].authenticated?(:admin)
:api: public
Clear the cache of performed strategies so far. It has the same API as authenticate, allowing you to clear an specific strategies for given scope:
Parameters:
args - a list of symbols (labels) that name the strategies to attempt opts - an options hash that contains the :scope of the user to check
Example:
# Clear all strategies for the configured default_scope env['warden'].clear_strategies_cache! # Clear all strategies for the :admin scope env['warden'].clear_strategies_cache!(:scope => :admin) # Clear password strategy for the :admin scope env['warden'].clear_strategies_cache!(:password, :scope => :admin)
:api: public
Provides a way to return a 401 without warden defering to the failure app The result is a direct passthrough of your own response :api: public
Provides logout functionality. The logout also manages any authenticated data storage and clears it when a user logs out.
Parameters:
scopes - a list of scopes to logout
Example:
# Logout everyone and clear the session env['warden'].logout # Logout the default user but leave the rest of the session alone env['warden'].logout(:default) # Logout the :publisher and :admin user env['warden'].logout(:publisher, :admin)
:api: public
Points to a SessionSerializer instance responsible for handling everything related with storing, fetching and removing the user session. :api: public
Manually set the user into the session and auth proxy
Parameters:
user - An object that has been setup to serialize into and out of the session. opts - An options hash. Use the :scope option to set the scope of the user, set the :store option to false to skip serializing into the session.
:api: public
Same API as authenticated?, but returns false when authenticated. :api: public
Provides acccess to the user object in a given scope for a request. Will be nil if not logged in. Please notice that this method does not perform strategies.
Example:
# without scope (default user) env['warden'].user # with scope env['warden'].user(:admin)
:api: public