Commits

Michael Granger committed 3defe5b

A few more README updates, removed extra config example, fixed invalid username auth error case.

  • Participants
  • Parent commits 67a9e48

Comments (0)

Files changed (4)

 
 ## Description
 
-This is an experimental minimalist Rubygems index and gem server for deploying private gems.
+This is an experimental minimalist Rubygems index and gem server for deploying
+private gems.
 
-It authenticates against an LDAP server, but it should be fairly easy to replace the authentication bits with something different.
+Authentication for auth-token generation is done by searching for a
+posixAccount with uid=<username> in an LDAP directory, and if the user is
+found, trying to bind against the directory as that user using the provided
+password.
+
+If you want to authenticate using some other mechanism, you'll need to replace
+the authentication bits in lib/gemserver/authentication.rb with your own code.
+
+You can customize the look and feel by altering the templates and static
+content under the gem's data directory.
+
+Auth tokens are stored in a SQLite database.
 
 Some notable features:
 
 
 Caveats:
 
-* Not designed or tested in high-traffic situations
+* Not designed for or tested in high-traffic situations
 * Not super-configurable; assumes you have an environment similar to ours or 
   are willing to hack it a bit
+* Getting 'gem push' to push to a different gemserver with a different 
+  authtoken is not trivial
 
 
 ## Installation
 `gemserver.conf` file in the directory you wish to run it from that allows
 customization of what interface and port it listens to, where it keeps its
 gems and authentication tokens, etc. An example config is distributed with the
-gem.
+gem (under data/gemserver/gemserver.conf.example).
+
+You'll likely want to run it behind a reverse proxy that wraps it in SSL like
+we do, as it currently just does Basic HTTP authentication.
+
 
 ## Contributing
 
-You can check out the current development source with Mercurial [from BitBucket][bitbucket], or if you prefer Git, via [its Github mirror][github].
+You can check out the current development source with Mercurial 
+[from BitBucket][bitbucket], or if you prefer Git, via 
+[its Github mirror][github].
 
 After checking out the source, run:
 
 generate the API documentation.
 
 
+## Future Plans
+
+Make it more configurable:
+
+* Pluggable authentication
+* Configurable authtoken storage
+
+
 ## License
 
 Copyright (c) 2010, 2011, Michael Granger

gemserver.conf.example

-loglevel: debug
-rack:
-  host: 127.0.0.1
-  port: 9392
-  env: development
-gemserver:
-  name: ~
-  gemsdir: ./data/gems
-  ldapuri: ~
-

lib/gemserver/authentication.rb

 
 	### Returns true if the given +username+ and +password+ are valid 
 	### authentication.
-	def authenticate( username, password )
-		username = self.validate_username( username )
+	def authenticate( authuser, password )
+		unless username = self.validate_username( authuser )
+			self.log.error "Invalid username %p" % [ authuser ]
+			return false
+		end
+
 		user = self.ldap.base.
 			filter( :objectClass => :posixAccount ).
 			filter( :uid => username ).first

spec/gemserver_spec.rb

 
 describe Gemserver do
 
-	before( :all ) do
+	before( :each ) do
 		setup_logging( :fatal )
 	end
 
 
 	it "has reasonable defaults" do
 		argv = []
+		Gemserver.stub!( :find_standard_config ).and_return( nil )
 		config = Gemserver.load_config( argv )
+		config.loglevel.should == :info
 		config.rack.host.should == Gemserver::DEFAULT_HOST
 		config.rack.port.should == Gemserver::DEFAULT_PORT
 		config.rack.env.should == Gemserver::DEFAULT_RACK_ENV