2011-03-12 182 views

回答

1

沒有會話與HTTP基本認證相關聯,如果您想將認證與必須在應用程序級別進行的會話相關聯,聽起來就像Rack中間件一樣困難。

1

你好對不起已故的迴應,我剛纔看到你的帖子,也許它仍然可以幫助你: 此代碼從太陽石應用程序,它是OpenNebula http://opennebula.org/

use Rack::Session::Pool 

def authorized? 
    session[:ip] && session[:ip]==request.ip ? true : false 
end 

def build_session 
    auth = Rack::Auth::Basic::Request.new(request.env) 
    if auth.provided? && auth.basic? && auth.credentials 
     user = auth.credentials[0] 
     sha1_pass = Digest::SHA1.hexdigest(auth.credentials[1]) 

     rc = SunstoneServer.authorize(user, sha1_pass) 
     if rc[1] 
      session[:user]  = user 
      session[:user_id] = rc[1] 
      session[:password] = sha1_pass 
      session[:ip]  = request.ip 
      session[:remember] = params[:remember] 

      if params[:remember] 
       env['rack.session.options'][:expire_after] = 30*60*60*24 
      end 

      return [204, ""] 
     else 
      return [rc.first, ""] 
     end 
    end 

    return [401, ""] 
end 

def destroy_session 
    session.clear 
    return [204, ""] 
end 
的一部分被拿