Permalink
Browse files

Add auth token support to App::Status

  • Loading branch information...
1 parent ac5deef commit a91d64a560743d130ec0930640aa364ab187ce36 @evanphx evanphx committed Dec 7, 2011
Showing with 36 additions and 0 deletions.
  1. +12 −0 lib/puma/app/status.rb
  2. +24 −0 test/test_app_status.rb
View
12 lib/puma/app/status.rb
@@ -4,9 +4,21 @@ class Status
def initialize(server, cli)
@server = server
@cli = cli
+ @auth_token = nil
+ end
+
+ attr_accessor :auth_token
+
+ def authenticate(env)
+ return true unless @auth_token
+ env['QUERY_STRING'].to_s.split(/&;/).include?("token=#{@auth_token}")
end
def call(env)
+ unless authenticate(env)
+ return [403, {}, ["Invalid auth token"]]
+ end
+
case env['PATH_INFO']
when "/stop"
@server.stop
View
24 test/test_app_status.rb
@@ -24,6 +24,30 @@ def halt
def setup
@server = FakeServer.new
@app = Puma::App::Status.new(@server, @server)
+ @app.auth_token = nil
+ end
+
+ def test_bad_token
+ @app.auth_token = "abcdef"
+
+ env = { 'PATH_INFO' => "/whatever" }
+
+ status, header, body = @app.call env
+
+ assert_equal 403, status
+ end
+
+ def test_good_token
+ @app.auth_token = "abcdef"
+
+ env = {
+ 'PATH_INFO' => "/whatever",
+ 'QUERY_STRING' => "token=abcdef"
+ }
+
+ status, header, body = @app.call env
+
+ assert_equal 404, status
end
def test_unsupported

0 comments on commit a91d64a

Please sign in to comment.