Merge pull request #1267 from tchak/httpaccess-on-dev

Put tps-dev (staging) environement behind a BasicAuth
This commit is contained in:
gregoirenovel 2018-01-18 18:21:30 +01:00 committed by GitHub
commit df934e1bba
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 31 additions and 0 deletions

View file

@ -7,6 +7,14 @@ class ApplicationController < ActionController::Base
before_action :set_raven_context before_action :set_raven_context
before_action :authorize_request_for_profiler before_action :authorize_request_for_profiler
before_action :staging_authenticate
def staging_authenticate
if StagingAuthService.enabled? && !authenticate_with_http_basic { |username, password| StagingAuthService.authenticate(username, password) }
request_http_basic_authentication
end
end
def authorize_request_for_profiler def authorize_request_for_profiler
if administration_signed_in? if administration_signed_in?
Rack::MiniProfiler.authorize_request Rack::MiniProfiler.authorize_request

View file

@ -0,0 +1,23 @@
class StagingAuthService
CONFIG_PATH = Rails.root.join("/config/basic_auth.yml")
def self.authenticate(username, password)
if enabled?
username == config[:username] && password == config[:password]
else
true
end
end
def self.enabled?
!!config[:enabled]
end
def self.config
if File.exists?(CONFIG_PATH)
YAML.safe_load(File.read(CONFIG_PATH)).symbolize_keys
else
{}
end
end
end