@andrewcsmith
Last active December 20, 2015 04:59
A quick and dirty way to authenticate users in a Sinatra app. Probably not secure.
require 'sinatra'
require 'sinatra/reloader' if development?
require 'digest/md5'
require 'securerandom'
require 'haml'
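# enable :sessions
#
# Session state lives in a cookie that Rack signs with :secret. Anyone who
# knows the secret can forge a cookie carrying any session[:name], so it must
# not be a constant committed with the source. Read it from the environment;
# without one, fall back to a random per-process value (sessions then stop
# validating after a restart, which is the safe failure mode).
session_secret = ENV.fetch('SESSION_SECRET') { SecureRandom.hex(64) }
use Rack::Session::Cookie, :key => 'rack.session', :path => '/', :secret => session_secret

# Directory holding one "<name>.txt" credential file per user. The route
# blocks below close over this local, so the :test override must happen here.
auth_dir = "./auth"
configure :test do
  auth_dir = "./auth_test"
end

# Create the directory in every environment (POST /join fails with ENOENT if
# it is missing). The 0700 mode applies only when the directory is created
# here, and keeps the stored digests unreadable by other local accounts.
Dir.mkdir(auth_dir, 0700) unless Dir.exist?(auth_dir)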
# GET / -- greet the signed-in user, or "World" when the session has no name.
# session[:name] is whatever was submitted in the `name` form field at
# login/join time, so the template receives user-controlled text.
get '/' do
  @greeting = session[:name] || "World"
  haml(:index)
end
# GET /login -- render the inline `login` template (the sign-in form).
get('/login') { haml :login }
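# POST /login -- compare the submitted password with the digest stored in
# "<auth_dir>/<name>.txt" and, on a match, record the name in the session.
#
# Responds with a redirect to '/' on success, otherwise with a short
# plain-text message as the body.
#
# NOTE(review): the stored value is an unsalted MD5 hex digest, kept here so
# files already written by POST /join continue to verify. MD5 is a fast hash
# and not suitable for password storage; moving to a salted, slow KDF has to
# be done in this route and in POST /join together.
# NOTE(review): the two failure messages differ, which lets a client learn
# which names are registered. The texts are left as they were.
post '/login' do
  name = params[:name]
  password = params[:password]

  # The name becomes part of a file path. Accept only a plain token so a
  # value containing "/" or ".." cannot point outside auth_dir, and reject
  # non-String params (name[]=... arrives as an Array). Names registered
  # earlier with other characters will no longer match.
  valid_name = name.is_a?(String) && name =~ /\A[A-Za-z0-9_-]{1,64}\z/
  file_path = "#{auth_dir}/#{name}.txt" if valid_name

  if file_path && File.exist?(file_path) && password.is_a?(String)
    provided_password = Digest::MD5.hexdigest(password.strip)
    correct_password = File.read(file_path).strip
    # Constant-time comparison: `==` returns at the first differing byte.
    if Rack::Utils.secure_compare(provided_password, correct_password)
      session[:name] = name
      redirect to('/')
    else
      "Invalid password."
    end
  else
    "You don't exist"
  end
end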
# GET /join -- render the inline `join` template (the sign-up form).
get('/join') { haml :join }
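# POST /join -- register a new user by writing the password digest to
# "<auth_dir>/<name>.txt", then sign the user in.
#
# Responds with a redirect to '/' on success, otherwise with a plain-text
# message as the body.
#
# NOTE(review): the digest is unsalted MD5, kept so POST /login can still
# verify it. It is not suitable for password storage; replace it with a
# salted, slow KDF in both routes together.
post '/join' do
  name = params[:name]
  password = params[:password]
  rejection = "You already exist, or forgot to provide a password."

  # The name becomes a file name under auth_dir. Accept only a plain token:
  # otherwise a value containing "/" or ".." would create or overwrite a
  # ".txt" file outside the credential directory. Non-String params are
  # rejected as well.
  valid_name = name.is_a?(String) && name =~ /\A[A-Za-z0-9_-]{1,64}\z/
  # An empty form field arrives as "", which is truthy; treat it as missing.
  valid_password = password.is_a?(String) && !password.strip.empty?
  halt rejection unless valid_name && valid_password

  file_path = "#{auth_dir}/#{name}.txt"
  begin
    # CREAT|EXCL makes "create only if absent" one atomic step, so two
    # concurrent sign-ups for the same name cannot overwrite each other.
    # Mode 0600 keeps the digest readable by the app's account only.
    File.open(file_path, File::WRONLY | File::CREAT | File::EXCL, 0600) do |f|
      f.print Digest::MD5.hexdigest(password.strip)
    end
  rescue Errno::EEXIST
    halt rejection
  end

  session[:name] = name
  redirect to('/')
end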
# GET /logout -- drop the current session, then send the browser back to '/'.
get '/logout' do
  session.destroy
  redirect(to('/'))
end
__END__
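@@ layout
-# Page shell shared by every view; the selected template is rendered at `yield`.
%html
  %body
    = yield
    %br
    %ul.nav-menu{:style => "list-style-type: none;"}
      %li
        %a{:href => "/login"} Log In
      %li
        %a{:href => "/logout"} Log Out
      %li
        %a{:href => "/join"} Join

@@ index
-# @greeting is the name the user typed at login/join. `&=` HTML-escapes it
-# even when the HAML version in use does not escape `=` output by default.
&= "Hello, #{@greeting}!"

@@ login
= "Log in here"
%form{:action => '/login', :method => 'post'}
  %input{:type => 'text', :name => 'name'}
  %input{:type => 'password', :name => 'password'}
  %input{:type => 'submit', :value => 'Log In'}

@@ join
= "Join Us."
%form{:action => '/join', :method => 'post'}
  -# was :type => 'test', which is not a valid input type
  %input{:type => 'text', :name => 'name'}
  %input{:type => 'password', :name => 'password'}
  %input{:type => 'submit', :value => 'Sign Up'}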
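# Select the test environment BEFORE the app file is loaded. The app's
# `configure :test` block (which switches the credential directory to
# ./auth_test) is evaluated while the file is being required, so calling
# `set :environment, :test` afterwards is too late and the tests would
# read and write the real ./auth directory.
ENV['RACK_ENV'] = 'test'

require 'minitest/autorun'
require 'rack/test'
require './sinatrauthenticate.rb'

set :environment, :test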
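# Request-level tests for the Sinatra app, driven through Rack::Test.
# `Minitest::Test` is used instead of the `MiniTest` spelling, which recent
# Minitest releases no longer define by default.
class SinatrauthenticateTest < Minitest::Test
  include Rack::Test::Methods

  # Rack::Test sends its requests to whatever this method returns.
  def app
    Sinatra::Application
  end

  # Without a session the index greets the anonymous visitor.
  def test_hello_world
    get '/'
    assert last_response.ok?
    assert_match(/Hello, World!/, last_response.body)
  end

  def test_login_page
    get '/login'
    assert last_response.ok?
    assert_match(/Log in here/, last_response.body)
  end

  def test_join_page
    get '/join'
    assert last_response.ok?
    assert_match(/Join Us\./, last_response.body)
  end

  # Joining and then logging in with the same credentials signs the user in.
  # The join may report "already exists" on repeat runs; the login that
  # follows is what this test checks.
  def test_successful_login
    post '/join', :name => "Andrew", :password => "unsafe"
    post '/login', :name => "Andrew", :password => "unsafe"
    follow_redirect!
    assert_match(/Hello, Andrew!/, last_response.body)
  end

  # A registered name with the wrong password must not be signed in.
  def test_wrong_password_is_rejected
    post '/join', :name => "Andrew", :password => "unsafe"
    post '/login', :name => "Andrew", :password => "not-the-password"
    assert_match(/Invalid password\./, last_response.body)
    get '/'
    assert_match(/Hello, World!/, last_response.body)
  end
end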