add ssl enforcing

commit a6ddf6cc5f6ee3a1e2b17f31631385e022b0f9dd 1 parent 6d76ce5
@SlexAxton SlexAxton authored
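--- a/Gemfile
+++ b/Gemfile
@@ -8,5 +8,4 @@ gem 'mongo_mapper'
 gem 'bson_ext'
 gem 'eco'
 gem 'useragent'
-gem 'erubis'
-gem 'rack-ssl-enforcer', :require => 'rack/ssl-enforcer'
+gem 'erubis'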
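--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -55,7 +55,6 @@ GEM
 rack (1.4.3)
 rack-protection (1.3.2)
 rack
- rack-ssl-enforcer (0.2.5)
 rack-test (0.6.2)
 rack (>= 1.0)
 rb-fchange (0.0.6)
@@ -102,7 +101,6 @@ DEPENDENCIES
 eco
 erubis
 mongo_mapper
- rack-ssl-enforcer
 sinatra
 sinatra-contrib
 thin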
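--- a/admin.rb
+++ b/admin.rb
@@ -49,20 +49,49 @@ def required(*atts)
 end
 end
 end
+
+ def protected!
+ unless authorized?
+ response['WWW-Authenticate'] = %(Basic realm="Testing HTTP Auth")
+ throw(:halt, [401, "Not authorized\n"])
+ end
+ end
+
+ def authorized?
+ @auth ||= Rack::Auth::Basic::Request.new(request.env)
+ @auth.provided? && @auth.basic? &&
+ @auth.credentials && @auth.credentials == [settings.username, settings.password]
+ end
+
+ def ssl_enforce!
+ unless request.secure?
+ redirect "https://#{request.host}#{request.fullpath}"
+ end
+ end
+end
+
+configure :production do
+ before '/admin/*' do
+ protected!
+ end
+
+ before '/admin/*' do
+ ssl_enforce!
+ end
 end
 # Router
 get '/' do
- redirect '/experiments'
+ redirect '/admin'
 end
-get '/experiments' do
+get '/admin' do
 @experiments = Abba::Experiment.all
 erb :experiments
 end
-get '/experiments/:id/chart', :provides => 'application/json' do
+get '/admin/experiments/:id/chart', :provides => 'application/json' do
 required :start_at, :end_at
 experiment = Abba::Experiment.find(params[:id])
@@ -72,7 +101,7 @@ def required(*atts)
 experiment.granular_conversion_rate(start_at: start_at, end_at: end_at).to_json
 end
-get '/experiments/:id' do
+get '/admin/experiments/:id' do
 @experiment = Abba::Experiment.find(params[:id])
 @start_at = Date.to_mongo(params[:start_at]).beginning_of_day if params[:start_at].present?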
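Review bot: The `'/admin/*'` pattern on the two before filters does not match the bare `/admin` index route added further down (Sinatra's splat requires the trailing slash), so the experiment list at `/admin` — which `/` now redirects to — is served without the basic-auth check and without the HTTPS redirect. The filter order is also the wrong way round: `protected!` halts with the 401 challenge before `ssl_enforce!` runs, so a browser that arrives over plain HTTP sends the credentials in clear on its retry and is only redirected to HTTPS afterwards. Both are addressed by a single filter that enforces TLS first, `before %r{\A/admin(/|\z)} do ssl_enforce!; protected!; end`. Separately, nothing in this hunk reads the `ssl: true` key that config.yml gains in the same commit, so the redirect appears to be unconditional under `configure :production` — presumably intended, but worth confirming. The helpers block that `protected!`, `authorized?` and `ssl_enforce!` are added to opens above the hunk.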
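--- a/app/abba.rb
+++ b/app/abba.rb
@@ -3,5 +3,4 @@ module Abba
 autoload :Request, 'app/models/request'
 autoload :Variant, 'app/models/variant'
 autoload :VariantPresentor, 'app/models/variant_presentor'
- autoload :Guard, 'app/middleware/guard'
 end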
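--- a/app/assets/javascripts/admin/chart.module.coffee
+++ b/app/assets/javascripts/admin/chart.module.coffee
@@ -4,7 +4,7 @@ $ = jQuery
 class Chart extends Controller
 fetch: =>
- url = "/experiments/#{@options.model.id}/chart"
+ url = "/admin/experiments/#{@options.model.id}/chart"
 data = {start_at: @options.startAt, end_at: @options.endAt}
 $.getJSON(url, data, @render)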
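--- a/app/middleware/guard.rb
+++ b/app/middleware/guard.rb
@@ -1,32 +0,0 @@
-module Abba
- class Guard
- def initialize(app)
- @app = app
- end
-
- def call(env)
- unless production?
- return @app.call(env)
- end
-
- request = Rack::Request.new(env)
-
- # IP Auth
- if settings.allowed_ips? && settings.allowed_ips.include?(request.ip)
- return @app.call(env)
- end
-
- # Basic Auth
- if settings.username?
- guard = proc do |username, password|
- username == settings.username && password == settings.password
- end
-
- basic = Rack::Auth::Basic.new(@app, nil, &guard)
- return basic.call(env)
- end
-
- @app.call(env)
- end
- end
-end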
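--- a/app/views/experiments.erb
+++ b/app/views/experiments.erb
@@ -23,7 +23,7 @@
 <tr>
 <td class="index"><%= i + 1 %></td>
 <td class="name">
- <a href="/experiments/<%= experiment.id %>">
+ <a href="/admin/experiments/<%= experiment.id %>">
 <%= experiment.name %>
 </a>
 </td>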
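--- a/app/views/layout.erb
+++ b/app/views/layout.erb
@@ -8,7 +8,7 @@
 <body>
 <menu>
 <ul>
- <li><a href="/experiments">Experiments</a></li>
+ <li><a href="/admin/experiments">Experiments</a></li>
 </ul>
 <h1><a href="/">Abba</a></h1>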
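--- a/config.yml
+++ b/config.yml
@@ -1,3 +1,3 @@
+ssl: true
 username: guard
-password: llama
-# authorized_ips:
+password: llama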