A strategy is a place where you can put logic related to authentication. Any strategy inherits from Warden::Strategies::Base.
The Warden::Strategies.add method is a simple way to provide custom strategies. You must declare an @authenticate!@ method. You may provide a @valid?@ method. The valid? method should return true or false depending on whether the strategy is a valid one for the request.
The parameters for the Warden::Strategies.add method are:
<label: Symbol> The label is the name given to a strategy. Use the label to refer to the strategy when authenticating.
<strategy: Class|nil> The optional strategy argument, if set, _must_ be a class that inherits from Warden::Strategies::Base and _must_ implement an @authenticate!@ method.
<block> The block acts as a convenient way to declare your strategy. Inside is the class definition of a strategy.
Examples:
Block Declared Strategy:

    Warden::Strategies.add(:foo) do
      def authenticate!
        # authentication logic
      end
    end

Class Declared Strategy:

    Warden::Strategies.add(:foo, MyStrategy)
Marks this strategy as not performed. :api: private
    # File lib/warden/strategies/base.rb, line 64
    def clear!
      @performed = false
    end
Return a custom rack array. You must throw an :warden symbol to activate this. :api: public

    # File lib/warden/strategies/base.rb, line 166
    def custom!(response)
      halt!
      @custom_response = response
      @result = :custom
    end
Access to the errors object. :api: public
    # File lib/warden/strategies/base.rb, line 84
    def errors
      @env['warden'].errors
    end

Causes the strategy to fail, but not halt. The strategies will cascade after this failure and warden will check the next strategy. The last strategy to fail will have its message displayed. :api: public

    # File lib/warden/strategies/base.rb, line 137
    def fail(message = "Failed to Login")
      @message = message
      @result = :failure
    end
This causes the strategy to fail. It does not throw an :warden symbol to drop the request out to the failure application. You must throw an :warden symbol somewhere in the application to enforce this. Halts the strategies so that this is the last strategy checked. :api: public

    # File lib/warden/strategies/base.rb, line 129
    def fail!(message = "Failed to Login")
      halt!
      @message = message
      @result = :failure
    end
Cause the processing of the strategies to stop and cascade no further. :api: public

    # File lib/warden/strategies/base.rb, line 90
    def halt!
      @halted = true
    end
Checks to see if a strategy was halted. :api: public

    # File lib/warden/strategies/base.rb, line 96
    def halted?
      !!@halted
    end
Provides access to the headers hash for setting custom headers. :api: public

    # File lib/warden/strategies/base.rb, line 76
    def headers(header = {})
      @headers ||= {}
      @headers.merge! header
      @headers
    end
A simple method to return from authenticate! if you want to ignore this strategy. :api: public

    # File lib/warden/strategies/base.rb, line 108
    def pass; end
Causes the authentication to redirect. An :warden symbol must be thrown to actually execute this redirect.
Parameters:
url <String> - The string representing the URL to be redirected to
params <Hash> - Any parameters to encode into the URL
opts <Hash> - Any options to redirect with. Available options: permanent => (true || false)
:api: public

    # File lib/warden/strategies/base.rb, line 151
    def redirect!(url, params = {}, opts = {})
      halt!
      @status = opts[:permanent] ? 301 : 302
      headers["Location"] = url
      headers["Location"] << "?" << Rack::Utils.build_query(params) unless params.empty?
      headers["Content-Type"] = opts[:content_type] || 'text/plain'
      @message = opts[:message] || "You are being redirected to #{headers["Location"]}"
      @result = :redirect
      headers["Location"]
    end
Checks to see if a strategy should result in a permanent login. :api: public

    # File lib/warden/strategies/base.rb, line 102
    def store?
      true
    end
Whenever you want to provide a user object as "authenticated" use the success! method. This will halt the strategy, and set the user in the appropriate scope. It is the "login" method.
Parameters:
user - The user object to log in. This object can be anything you have set up to serialize in and out of the session
:api: public
    # File lib/warden/strategies/base.rb, line 118
    def success!(user, message = nil)
      halt!
      @user = user
      @message = message
      @result = :success
    end
Acts as a guarding method for the strategy. If valid? returns false, the strategy will not be executed. Overwrite with your own logic. :api: overwritable

    # File lib/warden/strategies/base.rb, line 72
    def valid?; true; end
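How valid?, fail and fail! interact across a cascade of strategies, as an added example that is not Warden's own code. MiniBase is a stand-in that copies the result methods documented above so the block runs without the warden gem; run_strategies, TokenStrategy, PasswordStrategy, the env keys and the sample credentials are hypothetical and constructed.

```ruby
# Stand-in for Warden::Strategies::Base, reduced to the result methods
# documented on this page, so the example runs without the warden gem.
class MiniBase
  attr_reader :result, :message, :user
  def initialize(env); @env = env; end
  def valid?; true; end
  def halt!; @halted = true; end
  def halted?; !!@halted; end
  def fail(message = "Failed to Login"); @message = message; @result = :failure; end
  def fail!(message = "Failed to Login"); halt!; fail(message); end
  def success!(user, message = nil)
    halt!; @user = user; @message = message; @result = :success
  end
end

# Constructed sample credentials (hypothetical values).
TOKENS = { "tok-alice" => "alice" }.freeze
PASSWORDS = { "bob" => "s3cret" }.freeze

class TokenStrategy < MiniBase
  def valid?; @env.key?("HTTP_X_TOKEN"); end
  def authenticate!
    user = TOKENS[@env["HTTP_X_TOKEN"]]
    # A token was presented but is wrong: halt so no later strategy is tried.
    user ? success!(user) : fail!("Invalid token")
  end
end

class PasswordStrategy < MiniBase
  def valid?; @env.key?("login") && @env.key?("password"); end
  def authenticate!
    ok = PASSWORDS[@env["login"]] == @env["password"]
    # Soft failure: a later strategy may still authenticate the request.
    ok ? success!(@env["login"]) : fail("Bad login or password")
  end
end

# Hypothetical simplified cascade: skip strategies whose valid? is false, stop at the first halted one.
def run_strategies(env, classes)
  last = nil
  classes.each do |klass|
    strategy = klass.new(env)
    next unless strategy.valid?
    strategy.authenticate!
    last = strategy
    break if strategy.halted?
  end
  last ? [last.result, last.user, last.message] : [nil, nil, nil]
end
```

With the token strategy listed first, a request carrying a bad token and a correct password is still rejected, because fail! halts the cascade before the password strategy runs.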