Class: Otto::Security::Authentication::Strategies::SessionStrategy

Inherits:
AuthStrategy
  • Object
show all
Defined in:
lib/otto/security/authentication/strategies/session_strategy.rb

Overview

Session-based authentication strategy

Instance Method Summary collapse

Constructor Details

#initialize(session_key: 'user_id', session_store: nil) ⇒ SessionStrategy

Returns a new instance of SessionStrategy.



13
14
15
16
 
# File 'lib/otto/security/authentication/strategies/session_strategy.rb', line 13

def initialize(session_key: 'user_id', session_store: nil)
  @session_key = session_key
  @session_store = session_store
end

Instance Method Details

#authenticate(env, _requirement) ⇒ Object 



18
19
20
21
22
23
24
25
26
27
28
 
# File 'lib/otto/security/authentication/strategies/session_strategy.rb', line 18

def authenticate(env, _requirement)
  session = env['rack.session']
  return failure('No session available') unless session

  user_id = session[@session_key]
  return failure('Not authenticated') unless user_id

  # Create a simple user hash for the generic strategy
  user_data = { id: user_id, user_id: user_id }
  success(session: session, user: user_data, auth_method: 'session')
end

#user_context(env) ⇒ Object 



30
31
32
33
34
35
36
37
38
 
# File 'lib/otto/security/authentication/strategies/session_strategy.rb', line 30

def user_context(env)
  session = env['rack.session']
  return {} unless session

  user_id = session[@session_key]
  return {} unless user_id

  { user_id: user_id }
end