Testing basic HTTP authenticated request in Merb

Question

The Merb Open Source Book has a chapter on authentication. However, the testing an authenticated request section example only shows what you can do for forms based authentication. I have a web service that I want to test with HTTP basic authentication. How would I do that?

Answer 1

After posting my question, I tried a few more things and found my own answer. You can do something like the following:

response = request('/widgets/2222', 
                   :method => "GET", 
                   "X_HTTP_AUTHORIZATION" => 'Basic ' + ["myusername:mypassword"].pack('m').delete("\r\n"))

I may get around to updating the book, but at least this info is here for Google to find and possibly help someone else.

Answer 2

Here is an example for HTTP basic auth from inside a controller:

class MyMerbApp < Application
  before :authenticate, :only=>[:admin]

  def index
    render
  end

  def admin
    render
  end

  protected 

  def authenticate 
    basic_authentication("Protected Area") do |username, password| 
      username == "name" && password == "secret"  
    end 
  end

end

you'll need to define the merb_auth_slice in config/router.rb if it's not already done for you:

Merb::Router.prepare do
  slice(:merb_auth_slice_password, :name_prefix => nil, :path_prefix => "")
end