librelist archives

« back to archive

Basic HTTP Authorization

Basic HTTP Authorization

From:
hectorsq
Date:
2011-04-09 @ 00:48
I am migrating a user manual from Word to Nesta and publishing it in heroku.
In order to grant access to my current customers only, I added a basic http
authorization mechanism.

The modified config.ru is:

=================
require 'rubygems'
require 'bundler/setup'
require 'json'

Bundler.require(:default)

require 'nesta/app'

Nesta::App.root = ::File.expand_path('.', ::File.dirname(__FILE__))

if ENV['RACK_ENV'] == 'production'

  env_cred = ENV['CREDENTIALS']
  credentials = {}
  credentials = JSON(env_cred) if env_cred

  use Rack::Auth::Basic, "Restricted Area" do |username, password|
    credentials[username] == password
  end

end

run Nesta::App
=================

The authorization mechanism works only in production (heroku).

The credentials are stored in an environment variable using json:

heroku config:add CREDENTIALS="{\"user1\":\"pass1\",\"user2\":\"pass2\"}"

I tried without success to use yaml instead of json, but had problems using
newlines in environment variables.

Any comments or suggestions?
Is there a better way to do this?

Regards

Re: [nesta] Basic HTTP Authorization

From:
Graham Ashton
Date:
2011-04-09 @ 07:46
That looks okay to me. I'll have a think about an alternative to JSON in 
an env var, but at first glance I can't think of anything simpler.

On 9 Apr 2011, at 01:48, hectorsq <mail@hectorsq.com> wrote:

> I am migrating a user manual from Word to Nesta and publishing it in heroku.
> In order to grant access to my current customers only, I added a basic 
http authorization mechanism.
> 
> The modified config.ru is:
> 
> =================
> require 'rubygems'
> require 'bundler/setup'
> require 'json'
> 
> Bundler.require(:default)
> 
> require 'nesta/app'
> 
> Nesta::App.root = ::File.expand_path('.', ::File.dirname(__FILE__))
> 
> if ENV['RACK_ENV'] == 'production' 
> 
>   env_cred = ENV['CREDENTIALS']
>   credentials = {} 
>   credentials = JSON(env_cred) if env_cred
> 
>   use Rack::Auth::Basic, "Restricted Area" do |username, password|
>     credentials[username] == password
>   end
> 
> end
> 
> run Nesta::App
> =================
> 
> The authorization mechanism works only in production (heroku).
> 
> The credentials are stored in an environment variable using json:
> 
> heroku config:add CREDENTIALS="{\"user1\":\"pass1\",\"user2\":\"pass2\"}"
> 
> I tried without success to use yaml instead of json, but had problems 
using newlines in environment variables.
> 
> Any comments or suggestions?
> Is there a better way to do this?
> 
> Regards
>