/ Ruby on Rails
/
method

authenticate_or_request_with_http_basic

authenticate_or_request_with_http_basic(realm = "Application", &login_procedure)
public

No documentation available.

# File actionpack/lib/action_controller/http_authentication.rb, line 80
        def authenticate_or_request_with_http_basic(realm = "Application", &login_procedure)
          authenticate_with_http_basic(&login_procedure) || request_http_basic_authentication(realm)
        end

3Notes

Easy and effective admin authentication

james · Jul 23, 20089 thanks

Great for use within an AdminController (in which all other administrative controllers inherit from AdminController).

class AdminController < ApplicationController before_filter :authenticate

def authenticate authenticate_or_request_with_http_basic('Administration') do |username, password| username == 'admin' && password == 'password' end end end

with password md5 encrypted

neves · Aug 14, 20087 thanks

If you are afraid to let your plain password on the code, you can do this instead: require 'digest'

class AdminController < ApplicationController

before_filter :authenticate

def authenticate authenticate_or_request_with_http_basic('Administration') do |username, password| md5_of_password = Digest::MD5.hexdigest(password) username == 'admin' && md5_of_password == '5ebe2294ecd0e0f08eab7690d2a6ee69' end end end

where '5ebe2294ecd0e0f08eab7690d2a6ee69' is the md5 of the word 'secret'.

You can get your own with this free webservice:
http://qi64.appspot.com/md5/secret (replace 'secret' with your secret word).

Testing protected controllers

Towbie · Sep 4, 20085 thanks

When testing controllers which are protected with #authenticate_or_request_with_http_basic this is how you can supply the credentials for a successful login:

@request.env["HTTP_AUTHORIZATION"] = "Basic " + Base64::encode64("username:password")

Must be set before the request is sent through #get or whatever method.