class WEBrick::HTTPAuth::Htpasswd
Htpasswd
accesses apache-compatible password files. Passwords are matched to a realm where they are valid. For security, the path for a password database should be stored outside of the paths available to the HTTP server.
Htpasswd
is intended for use with WEBrick::HTTPAuth::BasicAuth
.
To create an Htpasswd
database with a single user:
htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file' htpasswd.set_passwd 'my realm', 'username', 'password' htpasswd.flush
Public Class Methods
Open a password database at path
# File lib/webrick/httpauth/htpasswd.rb, line 38 def initialize(path) @path = path @mtime = Time.at(0) @passwd = Hash.new @auth_type = BasicAuth open(@path,"a").close unless File::exist?(@path) reload end
Public Instance Methods
Removes a password from the database for user
in realm
.
# File lib/webrick/httpauth/htpasswd.rb, line 111 def delete_passwd(realm, user) @passwd.delete(user) end
Iterate passwords in the database.
# File lib/webrick/httpauth/htpasswd.rb, line 118 def each # :yields: [user, password] @passwd.keys.sort.each{|user| yield([user, @passwd[user]]) } end
Flush the password database. If output
is given the database will be written there instead of to the original path.
# File lib/webrick/httpauth/htpasswd.rb, line 77 def flush(output=nil) output ||= @path tmp = Tempfile.create("htpasswd", File::dirname(output)) renamed = false begin each{|item| tmp.puts(item.join(":")) } tmp.close File::rename(tmp.path, output) renamed = true ensure tmp.close File.unlink(tmp.path) if !renamed end end
Retrieves a password from the database for user
in realm
. If reload_db
is true the database will be reloaded first.
# File lib/webrick/httpauth/htpasswd.rb, line 96 def get_passwd(realm, user, reload_db) reload() if reload_db @passwd[user] end
Reload passwords from the database
# File lib/webrick/httpauth/htpasswd.rb, line 50 def reload mtime = File::mtime(@path) if mtime > @mtime @passwd.clear open(@path){|io| while line = io.gets line.chomp! case line when %r!\A[^:]+:[a-zA-Z0-9./]{13}\z! user, pass = line.split(":") when /:\$/, /:{SHA}/ raise NotImplementedError, 'MD5, SHA1 .htpasswd file not supported' else raise StandardError, 'bad .htpasswd file' end @passwd[user] = pass end } @mtime = mtime end end
Sets a password in the database for user
in realm
to pass
.
# File lib/webrick/httpauth/htpasswd.rb, line 104 def set_passwd(realm, user, pass) @passwd[user] = make_passwd(realm, user, pass) end