ActionPack plugin for authorizing users with HTTP basic/digest authentications

Htpasswd
========
This plugin allows controllers to use HTTP Basic and Digest access authentication.
User passwords can be specified in any of the following ways:

 * inline plain password
 * inline crypted password
 * external password file


Syntax
======

  htpasswd *options*
  htdigest *options*


Options
=======

 * user   : user name                               # default: nil
 * pass   : password (format depends on :type)      # default: nil
 * type   : one of ( :plain | :crypted )            # default: :plain
 * file   : external file path                      # default: nil
 * realm  : realm value                             # default: "Authorization"
 * class  : specify ActiveRecord class for account  # default: nil
 * scheme : auth scheme                             # default: automatically set by method name


Usage
=====

(1) Basic Access Authentication

class AdminController < ApplicationController
  htpasswd :user=>"maiha", :pass=>"berryz"
  htpasswd :user=>"maiha", :pass=>"7Et1Y7tCawx32", :type=>:crypted
  htpasswd :user=>"maiha", :pass=>"berryz", :realm=>"Member Only"
  htpasswd :file=>"/usr/local/apache/passwd/.htpasswd"
  htpasswd :class=>"Account"                                    # authorize user with Account#username and Account#password
  htpasswd :class=>"Account", :user=>"login", :pass=>"secret"   # use "login" and "secret" columns
end


(2) Digest Access Authentication

class AdminController < ApplicationController
  htdigest :user=>"maiha", :pass=>"berryz"
  htdigest :user=>"maiha", :pass=>"812b1d067e9ce1e44f09215339e3cd69", :type=>:crypted
  htdigest :file=>"/usr/local/apache/passwd/.htdigest"
  htdigest :class=>"Account"                                    # Account#password should be a realm-dependent value.
end


(3) Multiple Access Authentications

class AdminController < ApplicationController
  htpasswd :user=>"maiha", :pass=>"berryz"
  htdigest :user=>"airi" , :pass=>"cute"
end

In this case user 'maiha' is authorized by Basic auth,
while user 'airi' is authorized by Digest auth.
The controller sends the Digest challenge in its 401 response
because Digest is the strongest auth scheme among those configured.


(4) Authorized User Name

class AdminController < ApplicationController
  htpasswd :user=>"maiha", :pass=>"berryz"
  def index
    render :text=>"current_user: #{@htpasswd_authorized_username}"
  end
end

The authorized user name is stored in @htpasswd_authorized_username.


(0) Creating an htdigest file

>> Htpasswd::Auths::Digest.new(:user=>"maiha", :pass=>"berryz").entry
=> "maiha:Authorization:812b1d067e9ce1e44f09215339e3cd69"

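This produces the same entry as the following Unix command
(htdigest takes the realm before the user name and prompts for the password).

% htdigest -c filename Authorization maiha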


Restrictions
============

* The 'realm' value should not contain commas or semicolons.
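
The htdigest entry format from section (0) and the realm restriction above, worked through as an added example; this is not the plugin's own code, and the module and method names are hypothetical. It shows why a stored Digest hash is bound to its realm: the same user and password no longer verify once the realm changes.

```ruby
require "digest/md5"

# Hypothetical helper, not part of the htpasswd plugin.
module HtdigestEntry
  # README restriction: the realm should not contain commas or semicolons.
  def self.check_realm!(realm)
    raise ArgumentError, "realm must not contain ',' or ';'" if realm =~ /[,;]/
    realm
  end

  # Build "user:realm:MD5(user:realm:password)", the htdigest line format.
  def self.build(user, realm, password)
    check_realm!(realm)
    raise ArgumentError, "user must not contain ':'" if user.include?(":")
    ha1 = Digest::MD5.hexdigest([user, realm, password].join(":"))
    [user, realm, ha1].join(":")
  end

  # Split a stored line into its three fields and validate the hash field.
  def self.parse(line)
    user, realm, ha1 = line.chomp.split(":", 3)
    raise ArgumentError, "malformed entry" unless ha1.to_s.match?(/\A[0-9a-f]{32}\z/)
    { :user => user, :realm => realm, :ha1 => ha1 }
  end

  # Check a candidate password against a stored line for the realm in use.
  def self.valid?(line, realm, password)
    entry = parse(line)
    return false unless entry[:realm] == realm
    candidate = Digest::MD5.hexdigest([entry[:user], realm, password].join(":"))
    secure_compare(candidate, entry[:ha1])
  end

  # Constant-time comparison, so timing does not reveal how many characters matched.
  def self.secure_compare(a, b)
    return false unless a.bytesize == b.bytesize
    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end
end

# Constructed sample: user, realm and password reuse the README's example values.
SAMPLE = HtdigestEntry.build("maiha", "Authorization", "berryz")
```

Entries generated for one realm have to be regenerated if the :realm option is changed, because the hash covers the realm string.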


Rails
=====

1.2 : OK
2.1 : OK
2.2 : OK


Test
====

Just run the following commands.

% ruby vendor/plugins/htpasswd/test/htpasswd_test.rb
% ruby vendor/plugins/htpasswd/test/htdigest_test.rb


Author
======
The original author is Kawamura.
Composed by maiha@wota.jp