Allow different HTTP basic auth settings per tenant

app/controllers/application_controller.rb

@@ -26,12 +26,13 @@ class ApplicationController < ActionController::Base
 
     def authenticate_http_basic
       authenticate_or_request_with_http_basic do |username, password|
-        username == Rails.application.secrets.http_basic_username && password == Rails.application.secrets.http_basic_password
+        username == Tenant.current_secrets.http_basic_username &&
+          password == Tenant.current_secrets.http_basic_password
       end
     end
 
     def http_basic_auth_site?
-      Rails.application.secrets.http_basic_auth
+      Tenant.current_secrets.http_basic_auth
     end
 
     def verify_lock

config/secrets.yml.example

@@ -57,8 +57,8 @@ staging:
     # my_tenant_subdomain:
     #   secret_key: my_secret_value
     #
-    # Currently you can overwrite SMTP, SMS, manager and microsoft API
-    # settings.
+    # Currently you can overwrite SMTP, SMS, manager, microsoft API and
+    # HTTP basic settings.
   <<: *maps
   <<: *apis
 
@@ -93,8 +93,8 @@ preproduction:
     # my_tenant_subdomain:
     #   secret_key: my_secret_value
     #
-    # Currently you can overwrite SMTP, SMS, manager and microsoft API
-    # settings.
+    # Currently you can overwrite SMTP, SMS, manager, microsoft API and
+    # HTTP basic settings.
   twitter_key: ""
   twitter_secret: ""
   facebook_key: ""
@@ -134,8 +134,8 @@ production:
     # my_tenant_subdomain:
     #   secret_key: my_secret_value
     #
-    # Currently you can overwrite SMTP, SMS, manager and microsoft API
-    # settings.
+    # Currently you can overwrite SMTP, SMS, manager, microsoft API and
+    # HTTP basic settings.
   twitter_key: ""
   twitter_secret: ""
   facebook_key: ""