1. Michael Granger
  2. Strelka
Issue #13 new

Authentication plugin interaction with parameters

Mahlon Smith
created an issue

Because the parameters plugin is so useful, and the routing plugin can already capitalize on parameter validation and labels for globally defined params, I think a pleasant enhancement would be to carry support for param labels into the auth definitions.

Currently, require_auth_for and require_perms_for take a regular expression as the first argument. If I have a parameter defined, meant for a route, lets say:

param :key, :uuid

I can add the route as:

get '/:key' do |req| { ... }

But to add authentication, I must match it again via regexp:

require_auth_for %r|/?[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}$/  ...

Making auth understand global params, like the routing plugin, feels intuitive.

require_auth_for '/:key' { ... }

Comments (0)

  1. Log in to comment