require 'rubygems'require 'spec'require 'sinatra'require 'sinatra/test/rsp

1. require 'rubygems'
2. require 'spec'
3. require 'sinatra'
4. require 'sinatra/test/rspec'
5. require 'auth' # from the above snippet
6.  
7. set :app_file, __FILE__
8. set :views, File.join(File.dirname(__FILE__), 'views')
9.  
10. get '/' do
11. "OK"
12. end
13.  
14. get '/sekret' do
15. protect!(:realm => "FOO!") { |user, pass| user == "user" and pass == "pass" }
16. "SEKRET!"
17. end
18.  
19. describe "app" do
20. attr_reader :response
21.  
22. def get_with_auth(path, user, pass)
23. get_it path, :env => {
24. 'HTTP_AUTHORIZATION' => 'Basic ' + ["#{user}:#{pass}"].pack("m*")
25. }
26. end
27.  
28. it "gets ok" do
29. get_it '/'
30. response.should be_ok
31. end
32.  
33. it "protects protected" do
34. get_it '/sekret'
35. response.headers['Www-Authenticate'].should match(/FOO!/)
36. response.status.should == 401
37. response.body.should_not include("SEKRET!")
38. end
39.  
40. describe "authenticating" do
41. it "allows valid requests" do
42. get_with_auth '/sekret', 'user', 'pass'
43. response.should be_ok
44. response.body.should == "SEKRET!"
45. end
46.  
47. it "denies invalid requests" do
48. get_with_auth '/sekret', 'wrong', 'pass'
49. response.status.should == 401
50. response.body.should_not include("SEKRET!")
51. end
52. end
53. end