class Conjur::WebServer::Authorize
Verifies that the request contains the authorization token, and then strips it.
Attributes
app[R]
sessionid[R]
Public Class Methods
new(app, sessionid)
click to toggle source
# File lib/conjur/webserver/authorize.rb, line 7 def initialize(app, sessionid) @app = app @sessionid = sessionid end
Public Instance Methods
call(env)
click to toggle source
# File lib/conjur/webserver/authorize.rb, line 12 def call(env) if token_valid?(env) @app.call env else [403, {}, ["Authorization is missing or invalid"]] end end
Protected Instance Methods
token_valid?(env)
click to toggle source
# File lib/conjur/webserver/authorize.rb, line 22 def token_valid?(env) request = Rack::Request.new(env) request.session[:sessionid] == sessionid end