Htpasswd

This plugin allows controllers to use HTTP Basic and Digest access authentication. You can specify user passwords like this.

inline plain password
inline crypted password
external password file

Syntax

htpasswd options
htdigest options

Options

user : user name # default: nil
pass : password (format depends on :type) # default: nil
type : one of ( :plain | :crypted ) # default: :plain
file : external file path # default: nil
realm : realm value # default: “Authorization”
class : specify ActiveRecord class for account # default: nil
scheme : auth scheme # default: automatically set by method name

Usage

(1) Basic Access Authentication

class AdminController < ApplicationController htpasswd :user=>”maiha”, :pass=>”berryz” htpasswd :user=>”maiha”, :pass=>”7Et1Y7tCawx32”, :type=>:crypted htpasswd :user=>”maiha”, :pass=>”berryz”, :realm=>”Member Only” htpasswd :file=>”/usr/local/apache/passwd/.htpasswd” htpasswd :class=>”Account” # authorize user with Account#username and Account#password htpasswd :class=>”Account”, :user=>”login”, :pass=>”secret” # use “login” and “secret” columns end

(2) Digest Access Authentication

class AdminController < ApplicationController htdigest :user=>”maiha”, :pass=>”berryz” htdigest :user=>”maiha”, :pass=>”812b1d067e9ce1e44f09215339e3cd69”, :type=>:crypted htdigest :file=>”/usr/local/apache/passwd/.htdigest” htdigest :class=>”Account” # Account#password should be realm-considered value. end

(3) Multiple Access Authentications

class AdminController < ApplicationController htpasswd :user=>”maiha”, :pass=>”berryz” htdigest :user=>”airi” , :pass=>”cute” end

Although user ‘maiha’ is authorized by Basic auth, user ‘airi’ is authorized by Digest auth in this case. And this controller returns Digest one as a 401 response because it is strongest auth-scheme in above schemes.

(0) Creating a htdigest file