Home/ Questions/Q 7581163
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-30T18:08:03+00:00

I’m using Basic Auth for authentication in my config.ru. In the Auth Basic block

  • 0

I’m using Basic Auth for authentication in my config.ru. In the Auth Basic block I want to get and ID from the path and check if the user has rights to see the path. However, I can’t figure out how to access the path.

use Rack::Auth::Basic do |username, password|
  # access path here
end

Any ideas?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    When you using putting Rack::Auth::Basic via use, you are actually inserting it in the request processing chain. That will try to auth all the requests. To use it selectively, only on certain paths, you need to perform the auth only on the corresponding request endpoints (actions). Something like –

    # helpers in ApplicationController
def authorized?
  @auth =  Rack::Auth::Basic::Request.new(request.env)
  @auth.provided? && @auth.basic? && @auth.credentials && @auth.credentials == ['username', 'password']
end

def username(username)
  @auth.credentials[0]
end

# action in PostsController
def index
 if authorized?(params[:id]) && username == "admin"
   # protected stuff
 else
   render :text => "unauthorized" 
 end
end

    Ref: Sinatra doc

    Although this kind of auth can be handled much better by doing a full user-account and session based approach. Checkout has_secure_password in rails 3.1 or devise.

    • 0