authenticate_or_request_with_http_basic(realm = "Application", message = nil, &login_procedure) public

No documentation

This method has no description. You can help the Ruby on Rails community by adding new notes.

Show source
Register or log in to add new notes.
July 23, 2008 - (<= v2.1.0)
9 thanks

Easy and effective admin authentication

Great for use within an AdminController (in which all other administrative controllers inherit from AdminController).

class AdminController < ApplicationController
  before_filter :authenticate

  def authenticate
    authenticate_or_request_with_http_basic('Administration') do |username, password|
      username == 'admin' && password == 'password'
August 14, 2008 - (<= v2.1.0)
7 thanks

with password md5 encrypted

If you are afraid to let your plain password on the code, you can do this instead:

 require 'digest'

 class AdminController < ApplicationController
  before_filter :authenticate

  def authenticate
    authenticate_or_request_with_http_basic('Administration') do |username, password|
      md5_of_password = Digest::MD5.hexdigest(password)
      username == 'admin' && md5_of_password == '5ebe2294ecd0e0f08eab7690d2a6ee69'

where ‘5ebe2294ecd0e0f08eab7690d2a6ee69’ is the md5 of the word ‘secret’.

You can get your own with this free webservice: <br /> (replace ‘secret’ with your secret word).

September 4, 2008
5 thanks

Testing protected controllers

When testing controllers which are protected with #authenticate_or_request_with_http_basic this is how you can supply the credentials for a successful login:

@request.env["HTTP_AUTHORIZATION"] = "Basic " + Base64::encode64("username:password")

Must be set before the request is sent through #get or whatever method.

November 14, 2011 - (v3.1.0)
2 thanks


For Rails 3.1 check see:

http_basic_authenticate_with :name => "username", :password => "pass"