Feature: allow users to define their own authentication strategy

It would be nice if a user could define his or hers own authentication strategy.

We could create an abstract class like:

```
class HTTPBasicAuth
  abstract class AuthenticationStrategy
    abstract def authorize?(username : String, password : String): String?
  end
end
```

Then a user could write his own implementation:
```
  class MongoAuthenticationStrategy < AuthenticationStrategy
    def authorize?(username : String, password : String): String?
        # find a user in database and return his ID if it exists
    end
  end
```

In order to keep backward compatibility we could add another contructor to the `HttpBasicAuth`

```
  def initialize(@strategy : AuthenticationStrategy)
    initialize({} of String => String)
  end
```

and then in the `authorize?` method perform a check:

```
    if strategy = @strategy
      strategy.authorize?(username, password)
    else
      @credentials.authorize?(username, password)
    end
```

What do you think? If you like the idea I can make a pull request and leave it for you to review 😄 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Feature: allow users to define their own authentication strategy #6

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Feature: allow users to define their own authentication strategy #6

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions