No commit activity in last 3 years
No release in over 3 years
You supply OpenIDs, this keeps anyone but people with access to those ids from getting through. You don't even have to make a form. :)
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Runtime

 Project Readme

EasyRackOpenId. Simplifies OpenID login for Rack apps.¶ ↑

Installation¶ ↑

gem install easy-rack-open-id
require 'easy-rack-open-id'
use Rack::Session::Cookie
use Rack::OpenID
use EasyRackOpenId::Server, :allowed_identifiers => ['http://example.com/']
run lambda {|env| [ 200, { 'Content-Type' => 'text/plain' }, [ 'Authenticated!' ] ] }

There’s an example in config.ru

Basically, slap EasyRackOpenId in front of the App you want to protect. Rack::OpenID needs to be above it. Data from the login (identifier, registration info) will be made available in session

session['verified_identity']['identifier'] # http://samsm.com/
session['verified_identity']['nickname']   # samsm

OpenID stores¶ ↑

OpenID needs some storage to remember cryptographic nuts and bolts. Rack:OpenID with no arguments uses an in memory OpenID store. This is ok for trying out with rackup, but won’t work in a variety of scenarios including using shotgun and multiple servers. You can pass it a different store like so:

require 'openid_mongodb_store' # http://github.com/samsm/openid_mongodb_store
MongoMapper.database = 'testorama'
MongoMapper.database.authorize('username','password')
use Rack::OpenID, OpenidMongodbStore::Store.new

Too Many Options!¶ ↑

With no arguments, EasyRackOpenId will only allow users with a verified OpenID to proceed. It won’t care what that identity is.

:allowed_identifiers - when used, only identities in the provided array will be allowed access.

:identity_match - when used, only identities matching this regex pattern will be allowed.

Right now allowed_identifiers and identity_match cannot both be used at once.

:default_return_to is a path just in case the automatic return_to mysteriously vanishes. Unlikely.

:login_path is where to send a user if login fails. Perhaps a login form?

:logout_path (defaults to /logout) path that, when visited will clear the login session.

:after_logout_path After a user logs out, send them here (don’t want the user sitting on the logout path).

:form picks which style of openid form is used for login. Choose from ‘boring’, ‘selector’, and ‘real-selector’ (default).

Registration options¶ ↑

:required an array of what simple registration/attribute exchange details you want to fetch about a person.

:optional like above, registration

:policy_url

OpenID Selector, Real-selector¶ ↑

This package includes nice-looking default login forms from the “openid-selector” and “real-openid-selector” projects. This gem will serve the necessary javascript/images, but it may be more efficient to copy public/easy-rack-open-id-assets into your application’s public directory so that Apache/Nginx/whatever can serve those file directly.