开发者

Digest authentication in Devise

开发者 https://www.devze.com 2023-02-15 04:47 出处:网络
I\'m using Rails 3 and Devise for authentication. I have a proper working devise for the website and basic authentication for 开发者_JAVA技巧API (json handler). How do I enable the digest authenticati

I'm using Rails 3 and Devise for authentication. I have a proper working devise for the website and basic authentication for 开发者_JAVA技巧API (json handler). How do I enable the digest authentication?

Their Wiki is telling me to add

def http_authenticate
  authenticate_or_request_with_http_digest do |user_name, password|
    user_name == "foo" && password == "bar"
  end
  warden.custom_failure! if performed?
end

Where do I add it to and how do I make user_name/password match?


That wiki entry sure assumes a lot.

My best guess is you need to add it to the appropriate controller (or the Application controller if you want it for everything).

And then add a :before_filter :http_authenticate! You could also try tracking down the person who wrote that wiki page and asking them.

Note. This relies on Warden to perform your authentication - Devise only handles accounts.

One of the reasons this stuff isn't documented so well is most people use a sophisticated authentication management system (eg. OmniAuth), and something else for permissions/authorization eg. DeclarativeAuthorization or CanCan if you prefer something more light weight.

HTTPBasic (and I assume Digest) tends not to play nicely with these.

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号