uses secrets variable to decide when to use http_auth

2015-09-06 18:36:31 +02:00
parent 9a6d064b4b
commit e9dc0d54cd
1 changed files with 7 additions and 5 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -4,7 +4,7 @@ class ApplicationController < ActionController::Base
  include SimpleCaptcha::ControllerHelpers
  include HasFilters

-  before_action :authenticate_http_basic
+  before_action :authenticate_http_basic, if: :http_basic_auth_site?
  before_action :authenticate_user!, unless: :devise_controller?, if: :beta_site?
  before_action :authenticate_beta_tester!, unless: :devise_controller?, if: :beta_site?

@@ -26,12 +26,10 @@ class ApplicationController < ActionController::Base
  private

    def authenticate_http_basic
-      if Rails.env.staging? || Rails.env.preproduction? || Rails.env.production?
      authenticate_or_request_with_http_basic do |username, password|
        username == Rails.application.secrets.http_basic_username && password == Rails.application.secrets.http_basic_password
      end
    end
-    end

    def authenticate_beta_tester!
      unless signed_in? && beta_testers.include?(current_user.email)
@@ -48,6 +46,10 @@ class ApplicationController < ActionController::Base
      Rails.application.secrets.beta_site
    end

+    def http_basic_auth_site?
+      Rails.application.secrets.http_basic_auth
+    end
+
    def set_locale
      if params[:locale] && I18n.available_locales.include?(params[:locale].to_sym)
        session[:locale] = params[:locale]