Untitled

a guest
May 7th, 2017
# Authentication: Warden

1. Add gems

```
gem 'warden'
gem 'bcrypt'
```

2. Connect Warden

This makes the Warden object available via `params.env['warden']`.

You can either add Warden at the Rack level:

```ruby
# config.ru
# COOKIE_SECRET signs the session cookie; it must be set to a long random value.
use Rack::Session::Cookie, secret: ENV['COOKIE_SECRET']

use Warden::Manager do |manager|
  # let Hanami deal with the 401s
  manager.intercept_401 = false
end
```

or in an application:

```ruby
module Web
  class Application < Hanami::Application
    configure do
      # COOKIE_SECRET signs the session cookie; it must be set to a long random value.
      middleware.use Rack::Session::Cookie, secret: ENV['COOKIE_SECRET']

      middleware.use Warden::Manager do |manager|
        # let Hanami deal with the 401s
        manager.intercept_401 = false
      end
    end
  end
end
```

Note that if you use the latter and you want to share sessions between applications, each application needs to use the same secret.

3. Set up Warden strategies

```ruby
# config/initializers/warden.rb
Warden::Strategies.add(:password) do
  # Run this strategy only when the request carries login parameters.
  def valid?
    params['username'] || params['password']
  end

  def authenticate!
    u = User.authenticate(params['username'], params['password'])
    u.nil? ? fail!("Could not log in") : success!(u)
  end
end

# Store only the user id in the session.
Warden::Manager.serialize_into_session do |user|
  user.id
end

# Load the user back from the stored id on later requests.
Warden::Manager.serialize_from_session do |id|
  User[id]
end
```

4. Modify user model

```ruby
require 'bcrypt'

class User < Sequel::Model
  include BCrypt

  # Wrap the stored hash so it can be compared against a plaintext candidate.
  def password
    @password ||= Password.new(password_hash)
  end

  # Hash the new password with bcrypt; only the hash is persisted.
  def password=(new_password)
    @password = Password.create(new_password)
    self.password_hash = @password
  end

  # Return the user when the credentials match, nil otherwise.
  def self.authenticate(username, password)
    user = self.first(email: username)
    # BCrypt::Password#== hashes the candidate, so the Password must be on the left.
    if !user.nil? && user.password == password
      return user
    end
    nil
  end
end
```

5. Authenticate the user

```ruby
# this is a POST action
class Login
  include Web::Action
  include Hanami::Action::Session

  def call(params)
    if params.env['warden'].authenticate(:password)
      redirect_to routes.logged_in_path
    else
      # Same message for unknown user and wrong password.
      flash[:message] = 'Invalid credentials.'
      redirect_to routes.login_path
    end
  end
end
```

## Notes

* Once authenticated, you can access the Warden user object via `params.env['warden'].user`.
* This was written using Sequel rather than Hanami::Model. Adjust the `User[id]` call in the strategy and a few other places accordingly.
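
The note in step 2, that applications sharing sessions must use the same secret, follows from the session cookie being signed with that secret. The sketch below is an added example, not code from the original paste or from Rack or Warden: a simplified model of an HMAC-signed session cookie, in which the `SignedSession` module, the 32-byte minimum and the sample values are assumptions made for illustration.

```ruby
require 'openssl'
require 'json'

# Simplified model of an HMAC-signed session cookie (illustration, not Rack's code).
module SignedSession
  MIN_SECRET_BYTES = 32 # assumption: minimum enforced by this example
  class BadSecret < StandardError; end

  # Fail closed on a missing or short secret, e.g. ENV['COOKIE_SECRET'] unset.
  def self.check_secret!(secret)
    ok = secret.is_a?(String) && secret.bytesize >= MIN_SECRET_BYTES
    raise BadSecret, 'cookie secret missing or too short' unless ok
    secret
  end

  def self.mac(data, secret)
    OpenSSL::HMAC.hexdigest('SHA256', check_secret!(secret), data)
  end

  # Compare without stopping at the first differing byte.
  def self.secure_eq?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end

  # Serialize the session and append a MAC computed with the app's secret.
  def self.dump(session, secret)
    data = [JSON.generate(session)].pack('m0') # strict base64
    "#{data}--#{mac(data, secret)}"
  end

  # Return the session hash, or nil when the MAC does not verify.
  def self.load(cookie, secret)
    data, tag = cookie.to_s.split('--', 2)
    return nil if data.nil? || tag.nil?
    return nil unless secure_eq?(tag, mac(data, secret))
    JSON.parse(data.unpack1('m0'))
  end
end

# Constructed sample values: secrets for two apps and a session holding a user id.
SHARED_SECRET = 'a' * 64
OTHER_SECRET  = 'b' * 64
COOKIE = SignedSession.dump({ 'warden.user.default.key' => 42 }, SHARED_SECRET)

puts SignedSession.load(COOKIE, SHARED_SECRET).inspect # same secret: session accepted
puts SignedSession.load(COOKIE, OTHER_SECRET).inspect  # different secret: rejected
```

An application started without `COOKIE_SECRET` raises `BadSecret` in this model instead of issuing cookies whose contents nothing protects.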