From c35f432ac8283bb82267e00fb174506f613ec9b0 Mon Sep 17 00:00:00 2001
From: Stef Schenkelaars
Date: Tue, 4 Feb 2020 15:07:34 +0100
Subject: [PATCH] Add http basic authentication to admin interface (#22)

---
 README.md | 2 ++
 app/controllers/admin/application_controller.rb | 9 ++++-----
 config/secrets.yml | 4 ++++
 docker-compose.yml | 1 +
 4 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index bfe0684..8fd67af 100644
--- a/README.md
+++ b/README.md
@@ -119,6 +119,8 @@ This app has a `Dockerfile` file to simplify the hosting setup. The `Dockerfile`
 - **DOMAIN** The base domain of the app (for example `lti-launcher.com`).
 - **FORCE_SSL** Set to `1` if the app runs on a secured endpoint.
 - **PORT** Optionally change the port the container listens to (default 9393).
+- **ADMIN_USER** Username used to login to the admin interface (default `admin`)
+- **ADMIN_PASSWORD** Password used to login to the admin interface (default on development is `test`)
 
 Once the app is fired up, you need to make sure to run the database migrations. So not only the first time you start the app but every time the version has changed since there could be new migrations. To run the migrations you should run `bin/rake db:migrate` inside the container.
diff --git a/app/controllers/admin/application_controller.rb b/app/controllers/admin/application_controller.rb
index e9dd634..e733efc 100644
--- a/app/controllers/admin/application_controller.rb
+++ b/app/controllers/admin/application_controller.rb
@@ -8,11 +8,10 @@
 # you're free to overwrite the RESTful controller actions.
 module Admin
 class ApplicationController < Administrate::ApplicationController
- before_action :authenticate_admin
-
- def authenticate_admin
- # TODO: Add authentication logic here.
- end
+ http_basic_authenticate_with(
+ name: Rails.application.secrets.admin_user.presence || raise('did not set any admin user'),
+ password: Rails.application.secrets.admin_password.presence || raise('did not set any admin password')
+ )
 
 # Override this value to specify the number of elements to display at a time
 # on index pages. Defaults to 20.
diff --git a/config/secrets.yml b/config/secrets.yml
index 5af511c..dd60573 100644
--- a/config/secrets.yml
+++ b/config/secrets.yml
@@ -2,15 +2,19 @@ shared:
 issuer: lti_launcher
 force_ssl: <%= ENV.fetch('FORCE_SSL', 0).to_i == 1 %>
 encryption_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+ admin_user: <%= ENV.fetch('ADMIN_USER', 'admin') %>
 
 test:
 secret_key_base: 1dba623464ca1504fc59a1592e3770d8c37e58e88235fa176f9cea08fced203f5b2d7d02fdb79b2ec8c38ae8ba971707f837b96f3573c5d57abd6dc460ec679b
 domain: <%= ENV.fetch('DOMAIN', 'localhost:8383') %>
+ admin_password: <%= ENV.fetch('ADMIN_PASSWORD', 'test') %>
 
 development:
 secret_key_base: 808cf961cde280fd5e3a37bbf443c98a04f78852b0c7a0c6e62fa3c3116fa532e8bccaa52061e8e10f0bdafae466e86ffd9edffb33da084afbaa983a789853fe
 domain: <%= ENV.fetch('DOMAIN', 'localhost:9393') %>
+ admin_password: <%= ENV.fetch('ADMIN_PASSWORD', 'test') %>
 
 production:
 secret_key_base: <%= ENV.fetch('SECRET_KEY_BASE', nil) %>
 domain: <%= ENV.fetch('DOMAIN', nil) %>
+ admin_password: <%= ENV.fetch('ADMIN_PASSWORD', nil) %>
diff --git a/docker-compose.yml b/docker-compose.yml
index 79ed6ca..504a6b1 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
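Review bot: The comparison itself is sound — in current Rails versions `http_basic_authenticate_with` checks both fields with `ActiveSupport::SecurityUtils.secure_compare` — but HTTP Basic resends the username and password base64-encoded on every admin request, and `config/secrets.yml` in this same patch leaves `force_ssl` defaulting to off, so nothing in the hunk ties the two together. Add a comment above the call: `# Basic auth carries the credentials on every request; set FORCE_SSL=1 (or terminate TLS in front of the app) or they travel in the clear.` The two `raise` calls run when the class body is evaluated, so a missing secret surfaces at boot under eager loading but presumably only on the first request to the admin namespace in development; one more sentence in that comment would spare the next reader the surprise. A single static credential with no lockout or rate limit is only as brute-force-resistant as whatever proxy sits in front of the app, which is worth recording in the README next to the new ADMIN_* variables. The class body continues outside the hunk.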
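Review bot: The new `admin_password` and `admin_user` values are interpolated into YAML unquoted, so a password that YAML reads as a non-string (all digits, `true`, `null`) or that contains YAML-significant characters (`: `, ` #`, or a leading `*`, `&`, `!`, `[`, `{`) is either mis-typed or breaks loading of `config/secrets.yml`; an Integer password presumably makes the controller's `secure_compare` raise on every admin request instead of rejecting it. Emit a JSON literal instead, which is valid YAML and keeps the string type: `admin_password: <%= ENV['ADMIN_PASSWORD'].to_json %>` for production (nil becomes `null`, so the controller's presence check still fires), `admin_password: <%= ENV.fetch('ADMIN_PASSWORD', 'test').to_json %>` for the test and development groups, and `admin_user: <%= ENV.fetch('ADMIN_USER', 'admin').to_json %>` under `shared`. Since the `test` default now appears twice and production deliberately has none, a one-line comment at the `shared:` level stating that production requires ADMIN_PASSWORD would document the intent where the next reader looks first.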
@@ -12,6 +12,7 @@ services:
 DOMAIN: localhost:9393
 SECRET_KEY_BASE: 1225e73f1f9f0030eb106db3b5807c46d2ed431487a7ba780af73f08aa3eaebfe47f840f12f55e7180c3464076a19bec8575ec8533a9cba16e9d276c0d3ac225
 DATABASE_URL: postgres://postgres@db
+ ADMIN_PASSWORD: test
 
 db:
 image: postgres:11-alpine
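Review bot: `ADMIN_PASSWORD: test` hard-codes the development default into the compose environment, so anyone who reuses this file for a real deployment ships a known credential unless they remember to edit it; the neighbouring `SECRET_KEY_BASE` has the same shape, but that line is history. Use compose variable substitution with a default so the value can be overridden from the host environment without editing the file: `ADMIN_PASSWORD: ${ADMIN_PASSWORD:-test}`. If this compose file is meant for local development only (the `localhost:9393` DOMAIN suggests so), a comment next to the credentials such as `# local development only - do not reuse these values for deployments` makes that explicit.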