Class: Booth::Request

Inherits:

Object

• Object
• Booth::Request

Includes:

Logging

Defined in:

lib/booth/request.rb

Overview

Convenience wrapper for Rack::Request.

Instance Attribute Summary

• #scope ⇒ Object readonly

  A Controller that logs the user in, needs to know in which scope to login to.

Instance Method Summary

• #agent ⇒ Object
• #authentication ⇒ Object
• #host ⇒ Object
• #initialize(request:, scope:) ⇒ Request constructor

  Initializes a new Booth::Request instance.

• #ip ⇒ Object
• #location ⇒ Object
• #must_be_delete! ⇒ Object
• #must_be_get! ⇒ Object
• #must_be_html! ⇒ Object
• #must_be_json! ⇒ Object
• #must_be_logged_in! ⇒ Object
• #must_be_patch! ⇒ Object
• #must_be_post! ⇒ Object
• #origin ⇒ Object

  The webauthn gem compares the browser’s origin against ‘allowed_origins` character-by-character.

• #params ⇒ Object
• #return_path ⇒ Object
• #session(namespace:) ⇒ Object
• #storage ⇒ Object
• #sudo ⇒ Object

Constructor Details

#initialize(request:, scope:) ⇒ Request

Initializes a new Booth::Request instance.

Parameters:

• ‘:request` - The request object (`ActionDispatch::Request`, `Rack::Request`, or

  +Booth::Request+).
  

• ‘scope` - The controller scope identifier (Symbol).

# File 'lib/booth/request.rb', line 15

def initialize(request:, scope:)
  # Sometimes we pass the request instance from one `Calls` object to another.
  # In that case, unwrap the underlying request and take that as basis.
  # if request.is_a?(::Booth::Request)
  #   return request if request.scope == scope
  #   #request = request.send(:request)
  # end

  # The underlying `request` is an `ActionDispatch::Request` or a `Rack::Request`.
  # For consistency, we always convert to the more rich interface provided by Rails.
  request = ActionDispatch::Request.new(request.env) if request.is_a?(::Rack::Request)

  @request = request
  @scope = ::Booth::Syntaxes::Scope.call(scope).normalized_scope
end

Instance Attribute Details

#scope ⇒ Object (readonly)

A Controller that logs the user in, needs to know in which scope to login to. The scope is an authoritative way for the Rails developer to specify a dedicated area.

For example:

“‘ruby Booth::Userland.new_login(scope: :admin, …) Booth::Userland.new_login(scope: :guest, …) “`

The implementation could then check if a user is already logged in in that scope, while ignoring other scopes.

For convenience, we store the authoritative controller scope here, in the request wrapper.

# File 'lib/booth/request.rb', line 45

def scope
  @scope
end

Instance Method Details

#agent ⇒ Object

# File 'lib/booth/request.rb', line 68

def agent
  ::Booth::Requests::Agent.call(request:)
end

#authentication ⇒ Object

# File 'lib/booth/request.rb', line 80

def authentication
  ::Booth::Requests::Authentication.new(scope:, warden: request.env['warden'])
end

#host ⇒ Object

# File 'lib/booth/request.rb', line 49

def host
  ::Booth::Syntaxes::Domain.call(request.host).valid_domain
end

#ip ⇒ Object

# File 'lib/booth/request.rb', line 72

def ip
  ::Booth::Requests::Ip.call(request:)
end

#location ⇒ Object

# File 'lib/booth/request.rb', line 76

def location
  ::Booth::Core::Geolocation.lookup(ip)
end

#must_be_delete! ⇒ Object

# File 'lib/booth/request.rb', line 134

def must_be_delete!
  request.delete? || raise(::Booth::Errors::MustBeDelete)
end

#must_be_get! ⇒ Object

# File 'lib/booth/request.rb', line 122

def must_be_get!
  request.get? || raise(::Booth::Errors::MustBeGet)
end

#must_be_html! ⇒ Object

# File 'lib/booth/request.rb', line 114

def must_be_html!
  request.format.html? || raise(::Booth::Errors::MustBeHtml)
end

#must_be_json! ⇒ Object

# File 'lib/booth/request.rb', line 118

def must_be_json!
  request.format.json? || raise(::Booth::Errors::MustBeJson)
end

#must_be_logged_in! ⇒ Object

Raises:

• (::Booth::Errors::NotAuthenticated)

# File 'lib/booth/request.rb', line 107

def must_be_logged_in!
  return if authentication.logged_in?

  log { "Expected someone to be logged in in scope #{scope.inspect}" }
  raise ::Booth::Errors::NotAuthenticated
end

#must_be_patch! ⇒ Object

# File 'lib/booth/request.rb', line 130

def must_be_patch!
  request.patch? || raise(::Booth::Errors::MustBePatch)
end

#must_be_post! ⇒ Object

# File 'lib/booth/request.rb', line 126

def must_be_post!
  request.post? || raise(::Booth::Errors::MustBePost)
end

#origin ⇒ Object

The webauthn gem compares the browser’s origin against ‘allowed_origins` character-by-character. Hardcoding `“http://##host:#port”` caused `WebAuthn::OriginVerificationError` in production. The browser sends `example.com` (no port) when the port is the scheme default. The browser sends `localhost:3000` (with port) when the port is not the scheme default. This method builds the origin string to match exactly what the browser sends.

# File 'lib/booth/request.rb', line 58

def origin
  standard_port = request.scheme == 'https' ? 443 : 80

  if port == standard_port
    "#{request.scheme}://#{host}"
  else
    "#{request.scheme}://#{host}:#{port}"
  end
end

#params ⇒ Object

# File 'lib/booth/request.rb', line 96

def params
  # Huh, I thought the following line was needed:
  # return request.param if request.params.is_a?(::ActionController::Parameters)

  @params ||= ::ActionController::Parameters.new(request.params)
end

#return_path ⇒ Object

# File 'lib/booth/request.rb', line 103

def return_path
  ::Booth::Requests::ReturnPath.call(params:)
end

#session(namespace:) ⇒ Object

# File 'lib/booth/request.rb', line 84

def session(namespace:)
  ::Booth::Requests::Session.new(scope:, namespace:, session: request.session)
end

#storage ⇒ Object

# File 'lib/booth/request.rb', line 92

def storage
  ::Booth::Requests::Storage.new(scope:, request: self)
end

#sudo ⇒ Object

# File 'lib/booth/request.rb', line 88

def sudo
  ::Booth::Requests::Sudo.new(scope:, request: self)
end