projects
/
arvados.git
/ commitdiff
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
91ef706
)
stub authentication check
author
Tom Clegg <tom@clinicalfuture.com>
Tue, 22 Jan 2013 00:02:02 +0000
(16:02 -0800)
committer
Tom Clegg <tom@clinicalfuture.com>
Tue, 22 Jan 2013 00:02:29 +0000
(16:02 -0800)
app/controllers/application_controller.rb
patch
|
blob
|
history
config/environments/development.rb
patch
|
blob
|
history
config/environments/production.rb
patch
|
blob
|
history
config/environments/test.rb
patch
|
blob
|
history
diff --git
a/app/controllers/application_controller.rb
b/app/controllers/application_controller.rb
index 69ba7507277a941d19e588f8c3e9be6c49bbf691..c6ab2b50908432224e3783ed4fac0161382efc46 100644
(file)
--- a/
app/controllers/application_controller.rb
+++ b/
app/controllers/application_controller.rb
@@
-2,6
+2,7
@@
class ApplicationController < ActionController::Base
protect_from_forgery
before_filter :uncamelcase_params_hash_keys
before_filter :find_object_by_uuid, :except => :index
protect_from_forgery
before_filter :uncamelcase_params_hash_keys
before_filter :find_object_by_uuid, :except => :index
+ before_filter :authenticate_api_token
unless Rails.application.config.consider_all_requests_local
rescue_from Exception,
unless Rails.application.config.consider_all_requests_local
rescue_from Exception,
@@
-153,4
+154,13
@@
class ApplicationController < ActionController::Base
}
render json: @object_list
end
}
render json: @object_list
end
+
+ def authenticate_api_token
+ unless Rails.configuration.
+ accept_api_token.
+ has_key?(params[:api_token] ||
+ cookies[:api_token])
+ render_error(Exception.new("Invalid API token"))
+ end
+ end
end
end
diff --git
a/config/environments/development.rb
b/config/environments/development.rb
index fa54a593dad63b1bad729a917cf218a4f0eafec0..4b46ff92aaefd256a81594e74c7c90845d7d025a 100644
(file)
--- a/
config/environments/development.rb
+++ b/
config/environments/development.rb
@@
-40,4
+40,8
@@
Server::Application.configure do
config.compute_node_nameservers = ['192.168.201.3']
config.uuid_prefix('development@' + `hostname`.strip)
config.compute_node_nameservers = ['192.168.201.3']
config.uuid_prefix('development@' + `hostname`.strip)
+
+ # Authentication stub: hard code pre-approved API tokens.
+ # config.accept_api_token = { rand(2**256).to_s(36) => true }
+ config.accept_api_token = {}
end
end
diff --git
a/config/environments/production.rb
b/config/environments/production.rb
index 7a9f4c6b992e2ca4e3768957e41caae7f6ab8acd..a1f2a1d7c27df18f79af43f222da2b86e24c7f5c 100644
(file)
--- a/
config/environments/production.rb
+++ b/
config/environments/production.rb
@@
-71,4
+71,8
@@
Server::Application.configure do
end << '172.16.0.23'
config.uuid_prefix = Digest::MD5.hexdigest('cfi-aws-0').to_i(16).to_s(36)[0..4] # '9ujm1'
end << '172.16.0.23'
config.uuid_prefix = Digest::MD5.hexdigest('cfi-aws-0').to_i(16).to_s(36)[0..4] # '9ujm1'
+
+ # Authentication stub: hard code pre-approved API tokens.
+ # config.accept_api_token = { rand(2**256).to_s(36) => true }
+ config.accept_api_token = {}
end
end
diff --git
a/config/environments/test.rb
b/config/environments/test.rb
index 728fc14dd21f7bb954aa566003fbeada65b1d6da..a97ff78c5406b2582bdf31d056e5a9a520ba72c0 100644
(file)
--- a/
config/environments/test.rb
+++ b/
config/environments/test.rb
@@
-50,4
+50,8
@@
Server::Application.configure do
config.compute_node_nameservers = [ "172.16.0.23" ]
config.uuid_prefix('test@' + `hostname`.strip)
config.compute_node_nameservers = [ "172.16.0.23" ]
config.uuid_prefix('test@' + `hostname`.strip)
+
+ # Authentication stub: hard code pre-approved API tokens.
+ # config.accept_api_token = { rand(2**256).to_s(36) => true }
+ config.accept_api_token = {}
end
end