Rack

Rack is the most widely (only?) used server interface interface in the ruby ecosystem. Pretty much all application frameworks you can think of build on top of Rack: Rails, Sinatra, Grape, etc…. and Roda is no exception.

Explaining how rack works is beyond the scope of this page, you are kindly suggested to go through its documentation.

Rack has the concept of middlewares, which are in-between processing steps in the stack between the HTTP server and the main application, which can perform pre/post request/response processing.

Roda can both be used as your main application, but also as a middleware! And this is where integration of rodauth, and by definition rodauth-oauth, as rack middleware comes in!

So how do you it?

1. Create the Roda Authentication App

You can start by defining your Authentication application, which will be a roda application. There you will load rodauth and rodauth-oauth:

# in lib/auth_app.rb
class AuthApp < Roda
  plugin :rodauth do
    enable :oauth_authorization_code_grant
  .....

1. Pass the rodauth object into env

env is where the request is declared from a rack perspective:

# in lib/auth_app.rb
route do |r|
  env['rodauth'] = rodauth
  r.rodauth
end

1. Use it as a middleware

Typically in a rack app, you declare the middlewares in config.ru, however suit this to your needs:

# in config.ru
...
use AuthApp
run MainApp

1. Call the rodauth object in your main app

And you’re good to go! So, imagining that you have a Sinatra as your main app:

require "sinatra"

MainApp < Sinatra::Base
  get "/books" do
    # you can create your own helper method. It's up to your framework!
    env["rodauth"].require_oauth_authorization("books.read")
    "books"
  end
end

If you want to see more examples of rodauth usage as middleware in the wild, check out think link.

Home