belison/faye_auth.rb

## faye_auth.rb
require 'base64'

module Publisher
  class FayeAuth
    def incoming(message, callback)
      # Let non-subscribe messages through
      unless message['channel'] == '/meta/subscribe'
        return callback.call(message)
      end

      # Get subscribed channel and auth token
      subscription = message['subscription']
      authorized = false

      if message.key?('ext')
        auth_token = message['ext']['authToken']
        stamp = message['ext']['timestamp']
        user_id = /\/(\S*)\//.match(subscription)[1]

        authorized = true if user_channel(user_id, stamp) == auth_token
      end


      # Add an error if the tokens don't match
      unless authorized
        message['error'] = 'Invalid subscription authentication token'
      end

      # Call the server back now we're done
      callback.call(message)
    end

    def self.user_channel(user_id, stamp)
      (Digest::SHA2.new << (user_id + 'PUT_IN_A_SECURED_SALT' + stamp)).to_s
    end
  end
end
	require 'base64'

	module Publisher
	class FayeAuth
	def incoming(message, callback)
	# Let non-subscribe messages through
	unless message['channel'] == '/meta/subscribe'
	return callback.call(message)
	end

	# Get subscribed channel and auth token
	subscription = message['subscription']
	authorized = false

	if message.key?('ext')
	auth_token = message['ext']['authToken']
	stamp = message['ext']['timestamp']
	user_id = /\/(\S*)\//.match(subscription)[1]

	authorized = true if user_channel(user_id, stamp) == auth_token
	end


	# Add an error if the tokens don't match
	unless authorized
	message['error'] = 'Invalid subscription authentication token'
	end

	# Call the server back now we're done
	callback.call(message)
	end

	def self.user_channel(user_id, stamp)
	(Digest::SHA2.new << (user_id + 'PUT_IN_A_SECURED_SALT' + stamp)).to_s
	end
	end
	end