Giter VIP home page Giter VIP logo

rack_password's Introduction

RackPassword

Small rack middleware to block your site from unwanted vistors. A little bit more convenient than basic auth - browser will ask you once for the password and then set a cookie to remember you - unlike the http basic auth it wont prompt you all the time. If used as RoR middleware, it will show application name above the sign in form.

Installation

Add this line to your application's Gemfile:

gem 'rack_password'

Usage

Let's assume you want to password protect your staging environemnt. Add something like this to config/environments/staging.rb 

config.middleware.use RackPassword::Block, auth_codes: ['janusz']

From now on, your staging app should prompt for janusz password before you access it.

Options

You can also provide additional authentication rules in the options hash:

  • ip_whitelist specifies allowed visitors IP addresses
  • path_whitelist specifies allowed request path, it also works with regexp
  • custom_rule provides custom validator
config.middleware.use RackPassword::Block,
    auth_codes: ['janusz'],
    ip_whitelist: ['82.43.112.65', '65.33.23.120'],
    path_whitelist: /\A\/(users|invitations)/,
    custom_rule: proc { |request| request.env['HTTP_USER_AGENT'].include?('facebook') }

The access is granted if at least one authentication rule is fulfilled (that includes auth_codes rule).

You can also provide cookie_domain option to override cookie domain. This way you can have one cookie shared across all subdomains.

config.middleware.use RackPassword::Block, auth_codes: ['janusz'], cookie_domain: '.somedomain.com'

The above code will make the authorization cookie shared across all somedomain.com subdomains, e.g. a.somedomain.com and b.somedomain.com.

Common problems

  • If you use server ip address instead of domain name to visit your webpage using chrome, rack_password will not accept any password, including the correct one. As a workaround, please use wildcard DNS service, such as xip.io or set cookie_domain option to match server IP address.

Contributing

  1. Fork it ( https://github.com/netguru/rack_password/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request

rack_password's People

Contributors

madsheep avatar mic-kul avatar rindek avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.