opensesame 0 rspec travis-ci ruby Rubygems

Rails engine for authenticating internal applications and private-access products

3 years after MIT


Build Status Code Climate

OpenSesame is a Warden strategy for providing "walled garden" authentication for access to Rack-based applications via Omniauth. The intent is protect the visibility of your app from the outside world. For example, your company has internal apps and/or staging enviroments for multiple projects and you want something better than HTTP basic auth.

Enter OpenSesame. To authenticate, OpenSesame currently uses Omniauth and the Github API to require that a user is both logged in to Github and a member of the Github organization for which OpenSesame is configured.


In your Gemfile:

gem "opensesame"

Register your application(s) with Github for OAuth access. For each application, you need a name, the site url, and a callback for OAuth. The OmniAuth-Github OAuth strategy used under the hood will expect the callback at mount path + '/github/callback'. So the development version of your client application might be registered as:

Name: MyApp - local
URL: http://localhost:3000
Callback URL: http://localhost:3000/opensesame/github/callback

Configure OpenSesame:

# Rails config/initializers/opensesame.rb

require 'opensesame'

OpenSesame.configure do |config|
  config.enable       Rails.env.staging?
  config.github ENV['GITHUB_APP_ID'], ENV['GITHUB_SECRET']
  config.organization 'challengepost'
  config.mounted_at   '/opensesame'

  config.redirect_to '/path' # Set redirect to for both login and logout
  config.redirect_after_login '/path'
  config.redirect_after_logout '/path'

Mount OpenSesame in your Rails routes:

# Rails config/routes.rb
mount OpenSesame::Engine => OpenSesame.mount_prefix

Place the following in your application_controller:

before_filter :authenticate_opensesame!

Related Repositories



Easy HTTP Networking in Swift a NSURLSession wrapper with image caching support ...



Resources for conservation, development, and documentation of endangered, minori ...



Wrapper for docker-compose CLI with container-to-host networking helper. ...



Encrypted environment variables via AWS KMS ...




Top Contributors

rossta ilyakatz jcmuller


-   v0.4.0 zip tar
-   v0.3.0 zip tar
-   v0.2.0 zip tar
-   v0.1.2 zip tar
-   v0.1.1 zip tar
-   v0.1.0 zip tar
-   v0.0.2 zip tar
-   v0.0.1 zip tar