I want to create a WebService in Ruby (Sinatra, Padrino, maybe Ramaze ... I don’t know yet ...), but I definitely want to protect it ...
This will be the backeend for the Iphone-App, so I think SSL-Secured HTTP-Basic-Auth will be fine.
I looked through several authentication schemes and came across a boss ... It seems that it is well-documented and development is built on top of it ... So it can't be so bad ...
But ... it seemed to me a little sortie, for what I need ...
Then I found this snipplet code:
def protected!
unless authorized?
response['WWW-Authenticate'] = %(Basic realm="Testing HTTP Auth")
throw(:halt, [401, "Not authorized\n"])
end
end
def authorized?
@auth ||= Rack::Auth::Basic::Request.new(request.env)
@auth.provided? && @auth.basic? && @auth.credentials && @auth.credentials == ['admin', 'admin']
end
It seems like I just don't need more than that ... Or can any of you guys provide a good example of Warden + HTTP-Basic Auth? Or explain to me more benefits of using a warden?
Thanks in advance!:)