Class: Otto::Security::Authentication::Strategies::NoAuthStrategy

Inherits:

AuthStrategy

• Object
• AuthStrategy
• Otto::Security::Authentication::Strategies::NoAuthStrategy

Defined in:

lib/otto/security/authentication/strategies/noauth_strategy.rb

Overview

Public access strategy - always allows access

Instance Method Summary

• #authenticate(env, _requirement) ⇒ Object

Instance Method Details

#authenticate(env, _requirement) ⇒ Object

# File 'lib/otto/security/authentication/strategies/noauth_strategy.rb', line 14

def authenticate(env, _requirement)
  # Canonical client IP ("resolve once, read everywhere"): masked by
  # IPPrivacyMiddleware when privacy is on; REMOTE_ADDR fallback when
  # the middleware has not run.
  metadata = { ip: env['otto.client_ip'] || env['REMOTE_ADDR'] }
  metadata[:country] = env['otto.privacy.geo_country'] if env['otto.privacy.geo_country']

  Otto::Security::Authentication::StrategyResult.anonymous(metadata: metadata)
end