From 049cd824c0452385c55abf093085b760c58fadae Mon Sep 17 00:00:00 2001
From: David Heinemeier Hansson <david@loudthinking.com>
Date: Tue, 7 Jul 2015 22:27:44 +0200
Subject: Basic authentication helpers

---
 lib/action_cable/connection.rb               |  1 +
 lib/action_cable/connection/authorization.rb | 13 +++++++++++++
 lib/action_cable/connection/base.rb          |  4 ++++
 3 files changed, 18 insertions(+)
 create mode 100644 lib/action_cable/connection/authorization.rb

(limited to 'lib')

diff --git a/lib/action_cable/connection.rb b/lib/action_cable/connection.rb
index 1b4a6ecc23..c63621c519 100644
--- a/lib/action_cable/connection.rb
+++ b/lib/action_cable/connection.rb
@@ -1,5 +1,6 @@
 module ActionCable
   module Connection
+    autoload :Authorization, 'action_cable/connection/authorization'
     autoload :Base, 'action_cable/connection/base'
     autoload :Heartbeat, 'action_cable/connection/heartbeat'
     autoload :Identification, 'action_cable/connection/identification'
diff --git a/lib/action_cable/connection/authorization.rb b/lib/action_cable/connection/authorization.rb
new file mode 100644
index 0000000000..070a70e4e2
--- /dev/null
+++ b/lib/action_cable/connection/authorization.rb
@@ -0,0 +1,13 @@
+module ActionCable
+  module Connection
+    module Authorization
+      class UnauthorizedError < StandardError; end
+
+      private
+        def reject_unauthorized_connection
+          logger.error "An unauthorized connection attempt was rejected"
+          raise UnauthorizedError
+        end
+    end
+  end
+end
\ No newline at end of file
diff --git a/lib/action_cable/connection/base.rb b/lib/action_cable/connection/base.rb
index 09bbc73e2d..1a9aac0731 100644
--- a/lib/action_cable/connection/base.rb
+++ b/lib/action_cable/connection/base.rb
@@ -3,6 +3,7 @@ module ActionCable
     class Base
       include Identification
       include InternalChannel
+      include Authorization
 
       attr_reader :server, :env
       delegate :worker_pool, :pubsub, to: :server
@@ -85,6 +86,9 @@ module ActionCable
           heartbeat.start
 
           message_buffer.process!
+        rescue ActionCable::Connection::Authorization::UnauthorizedError
+          respond_to_invalid_request
+          close
         end
 
         def on_message(message)
-- 
cgit v1.2.3