如何在Sinatra中从基本身份验证中排除路径 [英] How do I exclude a path from requiring basic auth in Sinatra

问题描述

我正在使用Sinatra在Ruby中编写一个小型Web服务.使用http基本认证(在生产环境中通过https)控制对几乎所有内容的访问.

I'm writing a smallish web service in Ruby using Sinatra. Access to pretty much everything is controlled using http basic auth (over https in production).

有一个我要排除在需要授权之外的特定目录.有没有简单的方法可以做到这一点?

There is one particular directory that I want to exclude from requiring authorization. Is there an easy way to do this?

推荐答案

require 'sinatra'

helpers do
  def protected!
    unless authorized?
      response['WWW-Authenticate'] = %(Basic realm="Testing HTTP Auth")
      throw(:halt, [401, "Not authorized\n"])
    end
  end

  def authorized?
    @auth ||=  Rack::Auth::Basic::Request.new(request.env)
    @auth.provided? && @auth.basic? && @auth.credentials && @auth.credentials == ['admin', 'admin']
  end
end

before { protected! unless request.path_info == "/public" }

get('/public') { "I'm public!" }

这篇关于如何在Sinatra中从基本身份验证中排除路径的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！