Acts_as_authenticated includes BASIC authentication? how?

Hey guys, I’ve spent the whole day trying to understand the
acts_as_authenticated code. More specifically I was looking at how the
plugin recalls a once after they are logged in. The code looks something
like this:

@@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION

Authorization)
# gets BASIC auth info
def get_auth_data
auth_key = @@http_auth_headers.detect { |h|
request.env.has_key?(h) }
auth_data = request.env[auth_key].to_s.split unless
auth_key.blank?
return auth_data && auth_data[0] == ‘Basic’ ?
Base64.decode64(auth_data[1]).split(’:’)[0…1] : [nil, nil]
end

I understand what this method does, but what I dont get is how the login
and encrypted password gets there in the first place.

When the user logs in, a session is set, I dont see how the login and
password info gets put into the request.env.

Anybody have any ideas?

Eric G. wrote:

@@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION

Authorization)

Anybody have any ideas?

These HTTP header fields are populated by the browser and server, not
the application.

A.

Thanks for the reply,

hmm but how does the browser and the server know that what they entered
is login information. Do they look at the object id’s?, or do they see
if there is a password box on the page?