Warden and Sinatra example

View gist:1327195
require 'securerandom'

require 'sinatra/base'
require 'rack/flash'
require 'warden'
require 'slim'
require 'sequel'
require 'sqlite3'
 
# Sequel.sqlite with no arguments opens an in-memory SQLite database, so the
# schema is rebuilt from scratch on every start of the example.
DB = Sequel.sqlite

DB.create_table(:users) do
  primary_key :id
  String :name
  # Don't do this in production! The password is stored as plaintext here to
  # keep the example short; a real application stores a salted, deliberately
  # slow password hash and never the password itself.
  String :password
end
 
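# Sequel model backing the `users` table.
class User < Sequel::Model
  # Looks a user up by name and checks the supplied password against the
  # stored one.
  #
  # @param name [String] login name taken from the request
  # @param password [String] candidate password taken from the request
  # @return [User, nil] the matching user, or nil when the name is unknown,
  #   the password differs, or either argument is not a String
  def self.authenticate(name, password)
    # Rack turns `user[name][]=x` / `user[name][k]=x` into Arrays and Hashes.
    # Passing those to the query or the comparison changes their meaning, so
    # only plain strings are treated as credentials.
    return nil unless name.is_a?(String) && password.is_a?(String)

    user = first(name: name)
    return nil unless user

    # The stored value is plaintext in this example (see the schema). The
    # comparison is at least done in constant time so response timing does not
    # reveal how many leading characters of a guess were correct.
    user if Rack::Utils.secure_compare(user.password.to_s, password)
  end
end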
 
# Seed the database with one demo account. These are the same values the login
# form shows as placeholders, so they are example credentials only.
User.create(
  name: 'abc',
  password: 'secret'
)
 
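module App
  # Login and logout endpoints. The Rack builder mounts this app under
  # `/session`, so the routes below are relative to that prefix.
  class Session < Sinatra::Base
    enable :inline_templates

    # Render the login form (the inline `new` template).
    get '/new' do
      slim :new
    end

    # Log in. Warden's authenticate! hands control to the failure app when the
    # credentials are rejected, so the lines after it run only on success.
    post '/' do
      env['warden'].authenticate!
      flash.success = env['warden'].message
      # :return_to is written only by the `/unauthenticated` handler. A login
      # that was not preceded by a failed attempt has none, so fall back to the
      # index instead of redirecting to nil. Deleting the key keeps a stale
      # target from being reused by a later login.
      redirect(session.delete(:return_to) || '/')
    end

    # Log out. The layout's logout form reaches this route through a hidden
    # `_method=delete` field and Rack::MethodOverride.
    delete '/' do
      # NOTE(review): the result of inspect is discarded; presumably this only
      # touches the session so it is loaded before logout runs -- confirm
      # before removing.
      env['warden'].raw_session.inspect
      env['warden'].logout
      flash.success = 'Successfully logged out'
      redirect '/'
    end

    # Failure action configured on Warden::Manager. Remembers where the user
    # was heading, reports the failure and sends them to the login form.
    post '/unauthenticated' do
      # The stored value is the path Warden recorded for the rejected request.
      # Keep it server-derived: it later becomes a redirect target, so it must
      # never be copied from a client-supplied URL or parameter.
      session[:return_to] = env['warden.options'][:attempted_path]
      flash.error = env['warden'].message
      redirect to '/new'
    end

    not_found do
      redirect '/' # catch redirects to GET '/session'
    end
  end

  # Public index page plus one page that requires a logged-in user.
  class Main < Sinatra::Base
    enable :inline_templates

    get '/' do
      slim 'h1 Index'
    end

    # authenticate! must stay the first statement: nothing before it is
    # protected by the login check.
    get '/admin' do
      env['warden'].authenticate!
      slim 'h1 Admin'
    end
  end
end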
 
 
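# Assemble the Rack application: Warden configuration, middleware stack and
# the two Sinatra apps.
builder = Rack::Builder.new do
  # Only the primary key goes into the session; the record is reloaded from
  # the database on each request.
  Warden::Manager.serialize_into_session { |user| user.id }
  Warden::Manager.serialize_from_session { |id| User[id] }

  # The failure action is a `post` route in App::Session, so the verb is forced
  # to POST before the failure app is called, whatever the original request was.
  Warden::Manager.before_failure do |env, _opts|
    env['REQUEST_METHOD'] = 'POST'
  end

  Warden::Strategies.add(:password) do
    # The strategy applies only when the request carries a `user` hash with
    # string `name` and `password` fields. Checking the types matters because
    # request parameters can also arrive as bare strings, Arrays or nested
    # Hashes, and indexing those with ['name'] does not mean "read the field".
    def valid?
      credentials = params['user']
      credentials.is_a?(Hash) &&
        credentials['name'].is_a?(String) &&
        credentials['password'].is_a?(String)
    end

    # Check the submitted credentials and report the outcome to Warden.
    def authenticate!
      user = User.authenticate(params['user']['name'], params['user']['password'])
      if user
        success!(user, 'Successfully logged in')
      else
        # One message for both an unknown name and a wrong password, so the
        # response does not reveal which account names exist.
        fail!('Could not log in')
      end
    end
  end

  use Rack::MethodOverride
  # The session cookie carries the logged-in user's id, so it must be protected
  # with a secret. Depending on the Rack version, leaving it out either yields
  # a cookie the client can rewrite or stops the app from starting. Set
  # SESSION_SECRET in any real deployment; the random fallback keeps the
  # example runnable but changes on every start and is not shared between
  # processes.
  use Rack::Session::Cookie,
      secret: ENV.fetch('SESSION_SECRET') { SecureRandom.hex(64) }
  use Rack::Flash, accessorize: [:error, :success]
  use Warden::Manager do |config|
    config.scope_defaults :default,
                          strategies: [:password],
                          action: 'session/unauthenticated'
    # The builder itself is the failure app, so the failure action above is
    # routed through the `/session` mapping below to App::Session.
    config.failure_app = self
  end

  map '/session' do
    run App::Session
  end

  map '/' do
    run App::Main
  end
end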
 
# Serve the assembled Rack app with Thin. The call blocks, so everything above
# has to be defined before this line is reached.
Rack::Handler::Thin.run(builder)
 
__END__
@@ layout
html
head
body
#flash
- [:error, :success].each do |name|
- if flash.has?(name)
.message class=name
p = flash[name]
nav
ul
- if env['warden'].authenticated?
li
form action='/session' method='post'
input type='hidden' name='_method' value='delete'
input type='submit' value='logout'
- else
li
a href='/session/new' login to your account
li
a href='/admin' admin
== yield
@@ new
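/ Login form; the field names match the params read by the :password strategy.
form method='post' action=url('/')
  input type='text' name='user[name]' placeholder='abc'
  / type='password' masks the value on screen; 'input' is not a valid type and
  / falls back to a plain text field that shows the password as it is typed.
  input type='password' name='user[password]' placeholder='secret'
  input type='submit'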