Merge pull request #25 from Drieam/issue/22

Add http basic authentication to admin interface (#22)
Drieam · Feb 4, 2020 · c7e1495 · c7e1495
2 parents 09aa1d8 + c35f432
commit c7e1495
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -119,6 +119,8 @@ This app has a `Dockerfile` file to simplify the hosting setup. The `Dockerfile`
 - **DOMAIN** The base domain of the app (for example `lti-launcher.com`).
 - **FORCE_SSL** Set to `1` if the app runs on a secured endpoint.
 - **PORT** Optionally change the port the container listens to (default 9393).
+- **ADMIN_USER** Username used to login to the admin interface (default `admin`)
+- **ADMIN_PASSWORD** Password used to login to the admin interface (default on development is `test`)
 
 Once the app is fired up, you need to make sure to run the database migrations. So not only the first time you start the app but every time the version has changed since there could be new migrations. To run the migrations you should run `bin/rake db:migrate` inside the container.
 

diff --git a/app/controllers/admin/application_controller.rb b/app/controllers/admin/application_controller.rb
@@ -8,11 +8,10 @@
 # you're free to overwrite the RESTful controller actions.
 module Admin
   class ApplicationController < Administrate::ApplicationController
-    before_action :authenticate_admin
-
-    def authenticate_admin
-      # TODO: Add authentication logic here.
-    end
+    http_basic_authenticate_with(
+      name: Rails.application.secrets.admin_user.presence || raise('did not set any admin user'),
+      password: Rails.application.secrets.admin_password.presence || raise('did not set any admin password')
+    )
 
     # Override this value to specify the number of elements to display at a time
     # on index pages. Defaults to 20.

diff --git a/config/secrets.yml b/config/secrets.yml
@@ -2,15 +2,19 @@ shared:
   issuer: lti_launcher
   force_ssl: <%= ENV.fetch('FORCE_SSL', 0).to_i == 1 %>
   encryption_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+  admin_user: <%= ENV.fetch('ADMIN_USER', 'admin') %>
 
 test:
   secret_key_base: 1dba623464ca1504fc59a1592e3770d8c37e58e88235fa176f9cea08fced203f5b2d7d02fdb79b2ec8c38ae8ba971707f837b96f3573c5d57abd6dc460ec679b
   domain: <%= ENV.fetch('DOMAIN', 'localhost:8383') %>
+  admin_password: <%= ENV.fetch('ADMIN_PASSWORD', 'test') %>
 
 development:
   secret_key_base: 808cf961cde280fd5e3a37bbf443c98a04f78852b0c7a0c6e62fa3c3116fa532e8bccaa52061e8e10f0bdafae466e86ffd9edffb33da084afbaa983a789853fe
   domain: <%= ENV.fetch('DOMAIN', 'localhost:9393') %>
+  admin_password: <%= ENV.fetch('ADMIN_PASSWORD', 'test') %>
 
 production:
   secret_key_base: <%= ENV.fetch('SECRET_KEY_BASE', nil) %>
   domain: <%= ENV.fetch('DOMAIN', nil) %>
+  admin_password: <%= ENV.fetch('ADMIN_PASSWORD', nil) %>
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -12,6 +12,7 @@ services:
       DOMAIN: localhost:9393
       SECRET_KEY_BASE: 1225e73f1f9f0030eb106db3b5807c46d2ed431487a7ba780af73f08aa3eaebfe47f840f12f55e7180c3464076a19bec8575ec8533a9cba16e9d276c0d3ac225
       DATABASE_URL: postgres://postgres@db
+      ADMIN_PASSWORD: test
 
   db:
     image: postgres:11-alpine