From a3be1e174bffc77c44752d9dea8643e0b275a3e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Thu, 29 Sep 2022 23:07:28 +0200 Subject: [PATCH] Allow different HTTP basic auth settings per tenant --- app/controllers/application_controller.rb | 5 +++-- config/secrets.yml.example | 12 ++++++------ 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 0a6e67a98..fd9c77a6a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -26,12 +26,13 @@ class ApplicationController < ActionController::Base def authenticate_http_basic authenticate_or_request_with_http_basic do |username, password| - username == Rails.application.secrets.http_basic_username && password == Rails.application.secrets.http_basic_password + username == Tenant.current_secrets.http_basic_username && + password == Tenant.current_secrets.http_basic_password end end def http_basic_auth_site? - Rails.application.secrets.http_basic_auth + Tenant.current_secrets.http_basic_auth end def verify_lock diff --git a/config/secrets.yml.example b/config/secrets.yml.example index a66abb40a..c6d29ec3b 100644 --- a/config/secrets.yml.example +++ b/config/secrets.yml.example @@ -57,8 +57,8 @@ staging: # my_tenant_subdomain: # secret_key: my_secret_value # - # Currently you can overwrite SMTP, SMS, manager and microsoft API - # settings. + # Currently you can overwrite SMTP, SMS, manager, microsoft API and + # HTTP basic settings. <<: *maps <<: *apis @@ -93,8 +93,8 @@ preproduction: # my_tenant_subdomain: # secret_key: my_secret_value # - # Currently you can overwrite SMTP, SMS, manager and microsoft API - # settings. + # Currently you can overwrite SMTP, SMS, manager, microsoft API and + # HTTP basic settings. twitter_key: "" twitter_secret: "" facebook_key: "" @@ -134,8 +134,8 @@ production: # my_tenant_subdomain: # secret_key: my_secret_value # - # Currently you can overwrite SMTP, SMS, manager and microsoft API - # settings. + # Currently you can overwrite SMTP, SMS, manager, microsoft API and + # HTTP basic settings. twitter_key: "" twitter_secret: "" facebook_key: ""