Project

authlane

0.0
Repository is archived
No commit activity in last 3 years
No release in over 3 years
The AuthLane Sinatra Extension allows simple User authentication with support for different User roles. It comes with Sinatra helpers for easy integration into routes.

Project Readme

AuthLane

The AuthLane Sinatra Extension allows easy User authentication with support for different User roles and automatic login via Cookies. It exposes Helper methods to tell which routes are protected or involved in the authentication process.

The actual authentication logic (strategy) is defined by the Application using a namespaced DSL provided by this extension, while the general Extension configuration is handled with Sinatra's set method, which will be described in more detail below.

Installation

Get the Gem:

gem install authlane

Or let Bundler do the work:

# Gemfile
gem 'authlane'

AuthLane utilizes the standard Sinatra Extension format for classic-style applications:

require 'sinatra'
require 'sinatra/authlane'

get '/user' do
  protect!

  # Application stuff for signed in users ....
end

As well as modular-style applications:

require 'sinatra/base'
require 'sinatra/cookies'
require 'sinatra/authlane'

class App < Sinatra::Base
  register Sinatra::AuthLane
  helpers Sinatra::Cookies

  get '/user' do
    protect!

    # Application stuff for signed in users
  end
end

Configuration

AuthLane's configuration data is available under Sinatra's settings object with the key :authlane as a Hash, so changing config values is simply done with Sinatra's set method.

set :authlane, :failed_route => '/login'

The following settings can be customized (the values shown are their defaults):

set :authlane, :failed_route    => '/user/unauthorized',
               :session_key     => :authlane,
               :remember_cookie => :authlane_token,
               :serialize_user  => [:id]

:failed_route

The :failed_route sets the route String that AuthLane should redirect to when a route requires authorization and the User is not logged in. It is typically the route that displays the login form, but it can be set to anything that is needed, as long as it is not protected by authorization as well.

:session_key

The :session_key sets the name (as a Symbol) of the Session variable where the User credentials of a logged-in User are stored. The stored User data are wrapped inside a SerializedUser object and can be retrieved by using Sinatra's session helper with the key that is defined here, for example session[:authlane]. Alternatively, the AuthLane Helper exposes the method current_user to provide easy access to User data.

:remember_cookie

Customize the Cookie's name that stores the token hash used for the Remember Me functionality. The setting (and creation) of the token needs to be implemented by the Extension user in both the auth and remember strategy.
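One way to create and check the token that this cookie carries, as an added example that is not part of the AuthLane README or code base. The class RememberTokenStore, its method names and the 14-day lifetime are assumptions, the in-memory Hash stands in for the application's database, and the wiring into AuthLane's auth and remember strategies is left out.

```ruby
require 'securerandom'
require 'digest'

# Constructed in-memory stand-in for the application's token table (assumption).
class RememberTokenStore
  TTL = 14 * 24 * 3600 # token lifetime in seconds (assumed policy)

  def initialize
    @rows = {} # SHA-256 hex digest of token => { user_id:, expires_at: }
  end

  # Login side: create a token for user_id. Only its digest is kept
  # server-side; the raw value is returned once, to be written to the cookie.
  def issue(user_id, now: Time.now)
    token = SecureRandom.urlsafe_base64(32) # 256 bits from the OS CSPRNG
    @rows[digest(token)] = { user_id: user_id, expires_at: now + TTL }
    token
  end

  # Remember side: validate the cookie value. The token is consumed and a
  # replacement is issued, so a copied cookie is accepted at most once.
  # Returns [user_id, new_token], or nil for unknown, replayed or expired tokens.
  def redeem(token, now: Time.now)
    return nil unless token.is_a?(String) && !token.empty?

    row = @rows.delete(digest(token))
    return nil if row.nil? || row[:expires_at] <= now

    [row[:user_id], issue(row[:user_id], now: now)]
  end

  # Logout everywhere or password change: drop all tokens of one user.
  def revoke_all(user_id)
    @rows.delete_if { |_digest, row| row[:user_id] == user_id }
  end

  # Exposed so the stored form can be inspected.
  def stored_digests
    @rows.keys
  end

  private

  def digest(token)
    Digest::SHA256.hexdigest(token)
  end
end
```

Because the store holds digests only, a leaked token table does not yield values that can be replayed as cookies.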

:serialize_user

The :serialize_user setting contains an Array of Symbols telling AuthLane which attributes of the User model (the model used to identify Application users) should be serialized into a SerializedUser object. It is recommended not to store the whole User object, but note that the id attribute (or whatever the object's unique identifier is named) is required.

Alternatively, you can specify your own Class to be used.

set :authlane, :serialize_user => CustomUser

The CustomUser's initialize method receives one argument, which is the User object. What that object is exactly depends on your Auth strategy implementation. Basically, it's the User data coming from your application's persisting backend, like a database.

class CustomUser
  attr_reader :id

  def initialize(user)
    @id = user.id
  end
end

It is possible to have attribute accessors in your custom Class, but beware that AuthLane will not save changes back to your backend.