Merge pull request #95 from dhollinger/user_password_auth

Re-add user/pass support
voxpupuli · Mar 11, 2019 · e9ebb0c · e9ebb0c
2 parents 0b21187 + 52b14d9
commit e9ebb0c
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 1 deletion.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -25,7 +25,7 @@ class ApplicationController < Sinatra::Base
   private
 
   def protected!
-    env['warden'].authenticate!(:access_token)
+    env['warden'].authenticate!(:access_token, :basic)
   end
 
   def authorized?

diff --git a/app/controllers/authentication_controller.rb b/app/controllers/authentication_controller.rb
@@ -33,4 +33,24 @@ def authenticate!
       fail!('No token created! Please create a token with `rake db:generate_token` or set protected to `false` in the config.')
     end
   end
+
+  Warden::Strategies.add(:basic) do
+    def valid?
+      APP_CONFIG.user.is_a?(String)
+      APP_CONFIG.pass.is_a?(String)
+    end
+
+    def authenticate!
+      hash = request.env['HTTP_AUTHORIZATION'].split(' ')[1]
+      decoded_auth = Base64.decode64(hash).split(':')
+      umatch = decoded_auth[0] == APP_CONFIG.user
+      pmatch = decoded_auth[1] == APP_CONFIG.pass
+
+      access_granted = umatch == pmatch
+
+      !access_granted ? fail!('Invalid Username or Password!') : success!(access_granted)
+    rescue NoMethodError
+      fail!('No authentication passed! Authentication required.')
+    end
+  end
 end