Hi... I want to create a WebService in Ruby (Sinatra, Padrino, maybe Ramaze... don't know yet...), but I definitely want to secure it...
It will be the backeend for an Iphone-App, so I think SSL-Secured HTTP-Basic-Auth will be fine.
I've been looking around at several authentication Frameworks and came across warden... Seems to be pretty well documented, and devise is build on top of it... So can't be that bad...
But... seemd to me a little bit overkill, for what I need...
Then I found this Code-Snipplet:
def protected!
unless authorized?
response['WWW-Authenticate'] = %(Basic realm="Testing HTTP Auth")
throw(:halt, [401, "Not authorized\n"])
end
end
def authorized?
@auth ||= Rack::Auth::Basic::Request.new(request.env)
@auth.provided? && @auth.basic? && @auth.credentials && @auth.credentials == ['admin', 'admin']
end
Looks if I just don't need more than that atm... Or can any of you guys provide a nice Example of Warden + HTTP-Basic Auth? Or explain me more benefits of using warden?
Thanks in advance!!! :)