Rack is the most widely (only?) used server interface interface in the ruby ecosystem. Pretty much all application frameworks you can think of build on top of Rack: Rails, Sinatra, Grape, etc…. and Roda is no exception.
Explaining how rack works is beyond the scope of this page, you are kindly suggested to go through its documentation.
Rack has the concept of middlewares, which are in-between processing steps in the stack between the HTTP server and the main application, which can perform pre/post request/response processing.
Roda can both be used as your main application, but also as a middleware! And this is where integration of rodauth
, and by definition rodauth-oauth
, as rack middleware comes in!
So how do you it?
You can start by defining your Authentication application, which will be a roda application. There you will load rodauth
and rodauth-oauth
:
# in lib/auth_app.rb
class AuthApp < Roda
plugin :rodauth do
enable :oauth_authorization_code_grant
.....
env
is where the request is declared from a rack perspective:
# in lib/auth_app.rb
route do |r|
env['rodauth'] = rodauth
r.rodauth
end
Typically in a rack app, you declare the middlewares in config.ru
, however suit this to your needs:
# in config.ru
...
use AuthApp
run MainApp
And you’re good to go! So, imagining that you have a Sinatra as your main app:
require "sinatra"
MainApp < Sinatra::Base
get "/books" do
# you can create your own helper method. It's up to your framework!
env["rodauth"].require_oauth_authorization("books.read")
"books"
end
end
If you want to see more examples of rodauth
usage as middleware in the wild, check out think link.