Class: Otto::Security::SessionStrategy

Inherits:

AuthStrategy

• Object
• AuthStrategy
• Otto::Security::SessionStrategy

Defined in:

lib/otto/security/authentication.rb

Overview

Session-based authentication strategy

Instance Method Summary

• #authenticate(env, requirement) ⇒ Object
• #initialize(session_key: 'user_id', session_store: nil) ⇒ SessionStrategy constructor

  A new instance of SessionStrategy.

• #user_context(env) ⇒ Object

Constructor Details

#initialize(session_key: 'user_id', session_store: nil) ⇒ SessionStrategy

Returns a new instance of SessionStrategy.

# File 'lib/otto/security/authentication.rb', line 76

def initialize(session_key: 'user_id', session_store: nil)
  @session_key = session_key
  @session_store = session_store
end

Instance Method Details

#authenticate(env, requirement) ⇒ Object

# File 'lib/otto/security/authentication.rb', line 81

def authenticate(env, requirement)
  session = env['rack.session']
  return failure('No session available') unless session

  user_id = session[@session_key]
  return failure('Not authenticated') unless user_id

  success(user_id: user_id, session: session)
end

#user_context(env) ⇒ Object

# File 'lib/otto/security/authentication.rb', line 91

def user_context(env)
  session = env['rack.session']
  return {} unless session

  user_id = session[@session_key]
  user_id ? { user_id: user_id } : {}
end