class Rack::Auth::Digest::MD5

Rack::Auth::Digest::MD5 implements the MD5 algorithm version of HTTP Digest Authentication, as per RFC 2617.

Initialize with the [Rack] application that you want protecting, and a block that looks up a plaintext password for a given username.

opaque needs to be set to a constant base64/hexadecimal string.

Constants

QOP

Attributes

opaque[RW]
passwords_hashed[W]

Public Class Methods

new(*args) click to toggle source
# File lib/rack/auth/digest/md5.rb, line 24
def initialize(*args)
  super
  @passwords_hashed = nil
end

Public Instance Methods

call(env) click to toggle source
# File lib/rack/auth/digest/md5.rb, line 33
def call(env)
  auth = Request.new(env)

  unless auth.provided?
    return unauthorized
  end

  if !auth.digest? || !auth.correct_uri? || !valid_qop?(auth)
    return bad_request
  end

  if valid?(auth)
    if auth.nonce.stale?
      return unauthorized(challenge(:stale => true))
    else
      env['REMOTE_USER'] = auth.username

      return @app.call(env)
    end
  end

  unauthorized
end
passwords_hashed?() click to toggle source
# File lib/rack/auth/digest/md5.rb, line 29
def passwords_hashed?
  !!@passwords_hashed
end