Question

我使用eventmachine和evma_httpserver公开了一个web服务，如下所示：

EM.run{
  puts "Query Server running on port 9000"
  EM.start_server '0.0.0.0', 9000, QueryEngineHttpServer
}

我想使其安全，即需要用户名和密码。我知道如何使用Sinatra做到这一点，但我没有使用它，所以我不知道如何继续。

Answer 1

您需要哪种身份验证？基于身份验证还是基于cookie？

这可以帮助你吗？

module QueryEngineHttpServer
  include EM::HttpServer

  def post_init

    # if you want the connection to be encrypted with ssl
    start_tls({:private_key_file => path_to_key_file,
               :cert_chain_file => path_to_key_file,
               :verify_peer => false})

    # don't forget to call super here !
    super
  end

  def process_http_request

    # Block which fulfills the request (generate the data)
    operation = proc do

        # depending of which kind of auth you want you should have to parse the cookie or the 'autorization' header
        auth = check_for_auth @http_cookie, @http_headers

        # create the response object to be used in the EM::defer callback        
        resp = EM::DelegatedHttpResponse.new(self)
        resp.status = auth ? 200 : 401
        resp.content = 'some content here...'
        resp
    end

    # Block which fulfills the reply (send back the data to the client)
    response = proc do |reply|
      reply.send_response      
    end

    # Let the thread pool handle request
    EM.defer(operation, response)
  end

end

eventmachine Web服务的安全性

1 个答案: