Warden authentication strategies that integrate with Ory Kratos.


ScoreVision/warden-ory-kratos


Stability: experimental

warden-ory-kratos is a Warden extension that integrates with Ory Kratos.

Ory Kratos is an open-source, API-first identity and user management service.

Installation

Add this line to your application's Gemfile:

    gem 'warden-ory-kratos'

Usage with Rails Warden

See RailsWarden.

Inject RailsWarden into Rails

Create a new Rails initializer and inject RailsWarden. Configure which of the strategies your application will use.

    # config/initializers/warden.rb
    require 'rails_warden'
    require 'warden/ory_kratos'

    Rails.configuration.middleware.use RailsWarden::Manager do |manager|
      manager.failure_app = Warden::OryKratos::FailureApps::UnAuthorized
      manager.default_strategies [:SessionToken, :SessionCookie] # :JWTHeader strategy also available
    end

Configure Warden::OryKratos

Environment-specific configuration for OryKratos.

    # config/environments/development.rb
    Warden::OryKratos.configure do |config|
      config.kratos_external_api = 'https://yourhostedproject.projects.oryapis.com'
      config.logger = Logger.new(STDOUT)
      # config.kratos_proxy_jwks    = 'http://localhost:4000/.ory/proxy/jwks.json'
    end

Add RailsWarden application mixin

Add the auth mixin to the base controller class of your choosing.

    # app/controllers/application_controller.rb
    class ApplicationController < ActionController::Base
      # Mixins were deprecated on master branch
      # include RailsWarden::Mixins
      include RailsWarden::Authentication
    end

Add auth to the controller

    # app/controllers/articles_controller.rb
    class ArticlesController < ApplicationController
      prepend_before_action :authenticate!

      def index
        @articles = Article.all
      end

      # ...
    end

Strategies

There are three strategies available. When combined, the :SessionToken and :SessionCookie strategies make up a "Kratos native" implementation, while the :JWTHeader strategy provides compatibility with the Ory CLI proxy.

SessionCookie Strategy

  • Looks for an ory_session cookie in the rack request.
  • Makes an external request to Kratos for the user session.
  • Accepts or rejects the request based on the user session information.

SessionToken Strategy

  • Looks within the rack request for a token in both Authorization and X_Session_Token headers.
  • Makes an external request to Kratos for the user session.
  • Accepts or rejects the request based on the user session information.

JWTHeader Strategy

  • Loads the Ory CLI proxy's JSON web key set (JWKS).
  • Looks for an Authorization header holding a JSON web token (JWT).
  • Uses the JWKS to cryptographically verify the JWT was issued by the Ory CLI proxy.
  • Extracts the user session from the valid JWT.
  • Accepts or rejects the request based on the user session information.
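
The JWTHeader steps above, written out with only Ruby's standard library as an added example; this is not the gem's own code. The `session` claim name, the `kid`-based key lookup, the RS256 pin, the `exp` check and the throwaway signing key are assumptions of the example.

```ruby
require 'openssl'
require 'json'

# Unpadded URL-safe Base64, as used by JWTs and JWKs.
def b64(data)
  [data].pack('m0').tr('+/', '-_').delete('=')
end
def unb64(str)
  str.tr('-_', '+/').unpack1('m')
end

# Rebuild an RSA public key from a JWK's n/e as a PKCS#1 RSAPublicKey.
def rsa_from_jwk(jwk)
  n, e = %w[n e].map { |k| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(unb64(jwk[k]), 2)) }
  OpenSSL::PKey::RSA.new(OpenSSL::ASN1::Sequence([n, e]).to_der)
end

# Returns the (hypothetical) 'session' claim if the token verifies, else nil.
def session_from_jwt(token, jwks, now: Time.now.to_i)
  head64, body64, sig64 = token.to_s.split('.', -1)
  return nil unless token.to_s.count('.') == 2
  header = JSON.parse(unb64(head64))
  # Pin the algorithm: the token header must not choose how it is verified.
  return nil unless header['alg'] == 'RS256'
  jwk = jwks['keys'].find { |k| k['kty'] == 'RSA' && k['kid'] == header['kid'] }
  return nil unless jwk
  digest = OpenSSL::Digest.new('SHA256')
  return nil unless rsa_from_jwk(jwk).verify(digest, unb64(sig64), "#{head64}.#{body64}")
  claims = JSON.parse(unb64(body64))
  return nil unless claims['exp'].is_a?(Integer) && claims['exp'] > now
  claims['session']
rescue StandardError
  nil # fail closed on any parse or crypto error
end

# Constructed sample material: a throwaway key stands in for the proxy's.
def demo_jwks_and_key
  key = OpenSSL::PKey::RSA.new(2048)
  jwk = { 'kty' => 'RSA', 'kid' => 'demo', 'n' => b64(key.n.to_s(2)), 'e' => b64(key.e.to_s(2)) }
  [{ 'keys' => [jwk] }, key]
end

def sign_jwt(key, header, claims)
  input = "#{b64(header.to_json)}.#{b64(claims.to_json)}"
  "#{input}.#{b64(key.sign(OpenSSL::Digest.new('SHA256'), input))}"
end

jwks, key = demo_jwks_and_key
p session_from_jwt(sign_jwt(key, { 'alg' => 'RS256', 'kid' => 'demo' }, { 'exp' => Time.now.to_i + 60, 'session' => { 'active' => true } }), jwks)
```

A token with a modified payload, an `alg` other than RS256, an unknown `kid`, or a past `exp` returns nil, which a Warden strategy would map to a rejected request.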

Development

Install development dependencies

    gem install --dev warden-ory-kratos

Run yard documentation server

    yard server --reload
