@smd686s
Created December 2, 2012 15:34
Attempt at authorization with goliath
#!/usr/bin/env ruby
require 'rubygems'
require 'goliath'
require 'warden'
require 'digest/sha1'
require 'pp'

# Warden strategy: checks the "user" and "passwd" request parameters.
Warden::Strategies.add(:password) do
  # The strategy is attempted when either parameter is present.
  def valid?
    env.params["user"] || env.params["passwd"]
  end

  # Demo check against hard-coded credentials.
  def authenticate!
    u = if params['user'] == 'dan' && params['passwd'] == 'mypass'
      "dan"
    else
      nil
    end
    u.nil? ? fail!("Could not log in") : success!(u)
  end
end

# Rack middleware: handles /logout, otherwise requires an authenticated user.
class Authenticator
  def initialize(app)
    @app = app
  end

  def call(env)
    if env['REQUEST_PATH'] == '/logout'
      env['warden'].logout
      return [200, {}, 'Logged out']
    else
      # On failure authenticate! throws :warden, and Warden::Manager
      # answers with the failure_app configured below.
      env['my_user'] = env['warden'].authenticate!
      @app.call(env)
    end
  end
end

class Auth < Goliath::API
  use Goliath::Rack::Params
  # The session cookie is signed with this secret; 'change me' is a placeholder.
  use Rack::Session::Cookie, :secret => 'change me'
  use Warden::Manager do |manager|
    manager.default_strategies :password
    manager.failure_app = Proc.new { |env| [401, {}, 'Access Denied'] }
  end
  use Authenticator

  def response(env)
    [200, {}, "OK #{env.my_user}"]
  end
end
The one problem I see with the above is that the Authenticator middleware doesn't happen
within the fiber since we start the fiber right before the API is called. This means,
hooking into ActiveRecord with em_mysql won't work.
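The failure mode the comment above describes, reproduced with Ruby's standard-library Fiber only, as an added example that is not part of the gist or of Goliath. `USERS`, `PENDING`, `async_find_user`, `run_reactor` and `LookupMiddleware` are constructed stand-ins for a fiber-aware database driver, an event loop and an authenticating middleware.

```ruby
require 'fiber'

USERS   = { 'dan' => 'mypass' }  # constructed sample data
PENDING = []                     # callbacks the stand-in reactor fires later

# Fiber-aware lookup: register a callback, then park the current fiber
# until the reactor resumes it with the result.
def async_find_user(name)
  fiber = Fiber.current
  PENDING << -> { fiber.resume(USERS.key?(name) ? name : nil) }
  Fiber.yield
end

def run_reactor
  PENDING.shift.call until PENDING.empty?
end

# Middleware that needs a user lookup before the app is called.
class LookupMiddleware
  def initialize(app)
    @app = app
  end

  def call(env)
    env['my_user'] = async_find_user(env['user'])
    return [401, {}, 'Access Denied'] if env['my_user'].nil?
    @app.call(env)
  end
end

APP = ->(env) { [200, {}, "OK #{env['my_user']}"] }

# Middleware invoked on the root fiber: Fiber.yield has nothing to
# yield to, so the lookup raises FiberError.
def call_outside_fiber(env)
  LookupMiddleware.new(APP).call(env)
rescue FiberError => e
  PENDING.clear # drop the callback that would resume the root fiber
  [500, {}, "FiberError: #{e.message}"]
end

# Whole middleware chain wrapped in a fiber: the lookup parks the fiber
# and the reactor resumes it with the result.
def call_inside_fiber(env)
  result = nil
  Fiber.new { result = LookupMiddleware.new(APP).call(env) }.resume
  run_reactor
  result
end
```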