Re: [nesta] Basic HTTP Authorization
- From:
- Graham Ashton
- Date:
- 2011-04-09 @ 07:46
That looks okay to me. I'll have a think about an alternative to JSON in
an env var, but at first glance I can't think of anything simpler.
On 9 Apr 2011, at 01:48, hectorsq <mail@hectorsq.com> wrote:
> I am migrating a user manual from Word to Nesta and publishing it in heroku.
> In order to grant access to my current customers only, I added a basic
http authorization mechanism.
>
> The modified config.ru is:
>
> =================
> require 'rubygems'
> require 'bundler/setup'
> require 'json'
>
> Bundler.require(:default)
>
> require 'nesta/app'
>
> Nesta::App.root = ::File.expand_path('.', ::File.dirname(__FILE__))
>
> if ENV['RACK_ENV'] == 'production'
>
> env_cred = ENV['CREDENTIALS']
> credentials = {}
> credentials = JSON(env_cred) if env_cred
>
> use Rack::Auth::Basic, "Restricted Area" do |username, password|
> credentials[username] == password
> end
>
> end
>
> run Nesta::App
> =================
>
> The authorization mechanism works only in production (heroku).
>
> The credentials are stored in an environment variable using json:
>
> heroku config:add CREDENTIALS="{\"user1\":\"pass1\",\"user2\":\"pass2\"}"
>
> I tried without success to use yaml instead of json, but had problems
using newlines in environment variables.
>
> Any comments or suggestions?
> Is there a better way to do this?
>
> Regards
>