Authentication plugin interaction with parameters

Issue #13 new
Mahlon E. Smith
created an issue

Because the parameters plugin is so useful, and the routing plugin can already capitalize on parameter validation and labels for globally defined params, I think a pleasant enhancement would be to carry support for param labels into the auth definitions.

Currently, require_auth_for and require_perms_for take a regular expression as the first argument. If I have a parameter defined, meant for a route, lets say:

param :key, :uuid

I can add the route as:

get '/:key' do |req| { ... }

But to add authentication, I must match it again via regexp:

require_auth_for %r|/?[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}$/  ...

Making auth understand global params, like the routing plugin, feels intuitive.

require_auth_for '/:key' { ... }

Comments (0)

  1. Log in to comment