Helpers are now available to auth middleware, executing in the context of the endpoint.

Author: joelvh

.gitignore

@@ -42,3 +42,4 @@ bin
 tags
 
 ## PROJECT::SPECIFIC
+.project

CHANGELOG.md

@@ -10,6 +10,7 @@ Next Release
 * [#526](https://github.com/intridea/grape/pull/526): Allow specifying headers in `error!` - [@dblock](https://github.com/dblock).
 * [#523](https://github.com/intridea/grape/pull/523): Aliased `before` as `before_validation` - [@myitcv](https://github.com/myitcv).
 * [#527](https://github.com/intridea/grape/pull/527): `before_validation` now a distinct callback (supersedes [#523](https://github.com/intridea/grape/pull/523)) - [@myitcv](https://github.com/myitcv).
+* [#531](https://github.com/intridea/grape/pull/531): Helpers are now available to auth middleware, executing in the context of the endpoint - [@joelvh](https://github.com/joelvh).
 * Your contribution here.
 
 #### Fixes

lib/grape/endpoint.rb

@@ -146,6 +146,8 @@ def call(env)
     end
 
     def call!(env)
+      extend helpers
+
       env['api.endpoint'] = self
       if options[:app]
         options[:app].call(env)
@@ -372,7 +374,6 @@ def run(env)
       @params = @request.params
       @headers = @request.headers
 
-      extend helpers
       cookies.read(@request)
 
       run_filters befores
@@ -426,8 +427,21 @@ def build_middleware
         end
       end
 
-      b.use Rack::Auth::Basic, settings[:auth][:realm], &settings[:auth][:proc] if settings[:auth] && settings[:auth][:type] == :http_basic
-      b.use Rack::Auth::Digest::MD5, settings[:auth][:realm], settings[:auth][:opaque], &settings[:auth][:proc] if settings[:auth] && settings[:auth][:type] == :http_digest
+      if settings[:auth]
+        auth_proc         = settings[:auth][:proc]
+        auth_proc_context = self
+        auth_middleware   = {
+          http_basic:   { class: Rack::Auth::Basic,       args: [settings[:auth][:realm]] },
+          http_digest:  { class: Rack::Auth::Digest::MD5, args: [settings[:auth][:realm], settings[:auth][:opaque]] }
+        }[settings[:auth][:type]]
+
+        # evaluate auth proc in context of endpoint
+        if auth_middleware
+          b.use auth_middleware[:class], *auth_middleware[:args] do |*args|
+            auth_proc_context.instance_exec(*args, &auth_proc)
+          end
+        end
+      end
 
       if settings[:version]
         b.use Grape::Middleware::Versioner.using(settings[:version_options][:using]),

spec/grape/api_spec.rb

@@ -874,7 +874,7 @@ def before
       end
     end
   end
-  describe '.basic' do
+  describe '.http_basic' do
     it 'protects any resources on the same scope' do
       subject.http_basic do |u, p|
         u == 'allow'
@@ -913,6 +913,51 @@ def before
       get '/hello', {}, 'HTTP_AUTHORIZATION' => encode_basic_auth('allow', 'whatever')
       last_response.status.should eql 200
     end
+
+    it 'has access to the current endpoint' do
+      basic_auth_context = nil
+
+      subject.http_basic do |u, p|
+        basic_auth_context = self
+
+        u == 'allow'
+      end
+
+      subject.get(:hello) { "Hello, world." }
+      get '/hello', {}, 'HTTP_AUTHORIZATION' => encode_basic_auth('allow', 'whatever')
+      basic_auth_context.should be_an_instance_of(Grape::Endpoint)
+    end
+
+    it 'has access to helper methods' do
+      subject.helpers do
+        def authorize(u, p)
+          u == 'allow' && p == 'whatever'
+        end
+      end
+
+      subject.http_basic do |u, p|
+        authorize(u, p)
+      end
+
+      subject.get(:hello) { "Hello, world." }
+      get '/hello', {}, 'HTTP_AUTHORIZATION' => encode_basic_auth('allow', 'whatever')
+      last_response.status.should eql 200
+      get '/hello', {}, 'HTTP_AUTHORIZATION' => encode_basic_auth('disallow', 'whatever')
+      last_response.status.should eql 401
+    end
+
+    it 'can set instance variables accessible to routes' do
+      subject.http_basic do |u, p|
+        @hello = "Hello, world."
+
+        u == 'allow'
+      end
+
+      subject.get(:hello) { @hello }
+      get '/hello', {}, 'HTTP_AUTHORIZATION' => encode_basic_auth('allow', 'whatever')
+      last_response.status.should eql 200
+      last_response.body.should eql "Hello, world."
+    end
   end
 
   describe '.logger' do