Htpasswd ======== This plugin allows controllers to use HTTP Basic and Digest access authentication. You can specify user passwords like this. * inline plain password * inline crypted password * external password file Syntax ====== htpasswd *options* htdigest *options* Options ======= * user : user name # default: nil * pass : password (format depends on :type) # default: nil * type : one of ( :plain | :crypted ) # default: :plain * file : external file path # default: nil * realm : realm value # default: "Authorization" * class : specify ActiveRecord class for account # default: nil * scheme : auth scheme # default: automatically set by method name Usage ===== (1) Basic Access Authentication class AdminController < ApplicationController htpasswd :user=>"maiha", :pass=>"berryz" htpasswd :user=>"maiha", :pass=>"7Et1Y7tCawx32", :type=>:crypted htpasswd :user=>"maiha", :pass=>"berryz", :realm=>"Member Only" htpasswd :file=>"/usr/local/apache/passwd/.htpasswd" htpasswd :class=>"Account" # authorize user with Account#username and Account#password htpasswd :class=>"Account", :user=>"login", :pass=>"secret" # use "login" and "secret" columns end (2) Digest Access Authentication class AdminController < ApplicationController htdigest :user=>"maiha", :pass=>"berryz" htdigest :user=>"maiha", :pass=>"812b1d067e9ce1e44f09215339e3cd69", :type=>:crypted htdigest :file=>"/usr/local/apache/passwd/.htdigest" htdigest :class=>"Account" # Account#password should be realm-considered value. end (3) Multiple Access Authentications class AdminController < ApplicationController htpasswd :user=>"maiha", :pass=>"berryz" htdigest :user=>"airi" , :pass=>"cute" end Although user 'maiha' is authorized by Basic auth, user 'airi' is authorized by Digest auth in this case. And this controller returns Digest one as a 401 response because it is strongest auth-scheme in above schemes. (4) Authorized User Name class AdminController < ApplicationController htpasswd :user=>"maiha", :pass=>"berryz" def index render :text=>"current_user: #{@htpasswd_authorized_username}" end end Authorized user name is set in @htpasswd_authorized_username. (0) Creating a htdigest file >> Htpasswd::Auths::Digest.new(:user=>"maiha", :pass=>"berryz").entry => "maiha:Authorization:812b1d067e9ce1e44f09215339e3cd69" This acts same as following unix command. % htdigest -c filename maiha Restrictions ============ * 'realm' value should not contain any commas and semicolons. Rails ===== 1.2 : OK 2.1 : OK 2.2 : OK Test ==== Just type. % ruby vendor/plugins/htpasswd/test/htpasswd_test.rb % ruby vendor/plugins/htpasswd/test/htdigest_test.rb Author ====== The original author is Kawamura. Composed by maiha@wota.jp