module Roda::RodaPlugins::HostAuthorization::InstanceMethods

def _convert_host_for_authorization(host)

Remove the port information from the passed string (mutates the passed argument).

def _convert_host_for_authorization(host)
  host.sub!(/:\d+\z/, "")
  host
end

def check_host_authorization!

immediately based on the plugin block.
Check whether the host is authorized. If not authorized, return a response

def check_host_authorization!
  r = @_request
  return if host_authorized?(_convert_host_for_authorization(r.env["HTTP_HOST"].to_s.dup))
  if opts[:host_authorization_check_forwarded] && (host = r.env["HTTP_X_FORWARDED_HOST"])
    if i = host.rindex(',')
      host = host[i+1, 10000000].to_s
    end
    host = _convert_host_for_authorization(host.strip)
    if !host.empty? && host_authorized?(host)
      return
    end
  end
  r.on do
    host_authorization_unauthorized(r)
  end
end

def host_authorization_unauthorized(_)

Action to take for unauthorized hosts. Sets a 403 status by default.

def host_authorization_unauthorized(_)
  @_response.status = 403
  nil
end

def host_authorized?(host, authorized_host = opts[:host_authorization_host])

Whether the host given is one of the authorized hosts for this application.

def host_authorized?(host, authorized_host = opts[:host_authorization_host])
  case authorized_host
  when Array
    authorized_host.any?{|auth_host| host_authorized?(host, auth_host)}
  else
    authorized_host === host
  end
end

Instance Methods

Defined in

lib/roda/plugins/host_authorization.rb

Modules

Classes