Class: TalkToYourApp::Auth::Middleware

Inherits:
Object
Defined in:
lib/talk_to_your_app/auth/middleware.rb

Overview

Rack middleware sitting in front of the MCP transport. It authenticates every request, establishes the per-request principal, and enforces origin validation (DNS-rebinding protection per MCP spec 2025-11-25). Requests that fail never reach the transport.

Instance Method Summary

Constructor Details

#initialize(app) ⇒ Middleware

Returns a new instance of Middleware.



# File 'lib/talk_to_your_app/auth/middleware.rb', line 15

def initialize(app)
  @app = app
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/talk_to_your_app/auth/middleware.rb', line 19

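def call(env)
  config = TalkToYourApp.configuration

  # Origin validation runs first; a request without an Origin header skips it.
  origin = env["HTTP_ORIGIN"]
  return forbidden if origin && !allowed_origin?(origin, config)

  # No principal: reject before the request reaches the transport.
  principal = authenticate(env, config)
  return unauthorized if principal.nil?

  # Per-request context for downstream code.
  TalkToYourApp::Current.principal = principal
  TalkToYourApp::Current.session_id = env["HTTP_MCP_SESSION_ID"]
  TalkToYourApp::Current.ip = Rack::Request.new(env).ip
  env["ttya.principal"] = principal

  @app.call(env)
ensure
  # Always clear per-request state, including on early return or exception.
  TalkToYourApp::Current.reset
end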
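
The origin check in #call relies on allowed_origin?, whose body is not shown on this page. The following is an added example, not the gem's own code: one way such a check can compare the Origin header against an allowlist by exact scheme, host and port, so that look-alike hosts and the literal "null" origin are refused. ALLOWED_ORIGINS, origin_tuple, origin_gate and the sample origins are assumptions made for illustration.

```ruby
require "uri"

# Hypothetical allowlist; the gem's real configuration is not shown on this page.
ALLOWED_ORIGINS = ["https://app.example.com", "http://localhost:3000"].freeze

# Reduce an origin string to [scheme, host, port]. Returns nil for anything that
# is not a bare http(s) origin: "null", userinfo, a path or query, or garbage.
def origin_tuple(value)
  uri = URI.parse(value.to_s.strip)
  return nil unless uri.is_a?(URI::HTTP) && uri.host # URI::HTTPS subclasses URI::HTTP
  return nil if uri.userinfo || uri.query || uri.fragment || !uri.path.to_s.empty?

  [uri.scheme.downcase, uri.host.downcase, uri.port]
rescue URI::InvalidURIError
  nil
end

# Exact tuple match only: no prefix, suffix or substring comparison.
def allowed_origin?(origin, allowed = ALLOWED_ORIGINS)
  tuple = origin_tuple(origin)
  !tuple.nil? && allowed.any? { |entry| origin_tuple(entry) == tuple }
end

# Same ordering as #call: an absent Origin passes through to authentication,
# a present but unlisted Origin is refused.
def origin_gate(env)
  origin = env["HTTP_ORIGIN"]
  origin && !allowed_origin?(origin) ? :forbidden : :continue
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample Origin values, not taken from real traffic.
  [nil, "https://app.example.com", "https://APP.example.com:443",
   "https://app.example.com.evil.test", "http://localhost:3001", "null"].each do |o|
    env = o ? { "HTTP_ORIGIN" => o } : {}
    puts format("%-36s %s", o.inspect, origin_gate(env))
  end
end
```

Comparing parsed tuples rather than raw strings means the default port and host letter case do not cause false rejections, while a differing scheme or port still does.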