Created
April 13, 2011 14:08
Quick samples on securing Resque::Server
require 'resque/server'

# Subclass the Resque web UI and run a check before every request.
class SecureResqueServer < Resque::Server
  before do
    # some_condition_is_met! is a placeholder for your own access check.
    redirect '/' unless some_condition_is_met!
  end
end
require 'resque/server'

class SecureResqueServer < Resque::Server
  # HTTP Basic auth in front of the Resque web UI.
  # 'admin'/'admin' are sample values; replace them before deploying.
  use Rack::Auth::Basic, "Restricted Area" do |username, password|
    [username, password] == ['admin', 'admin']
  end
end
Oddly enough, the railscast alternative did not do it for me. I had to use @scottwater's second solution.
I banged my head on this for a while before finding this helpful gist. In Rails 6 I did the following:
config/routes.rb
Rails.application.routes.draw do
  # YOUR ROUTES HERE
  mount Resque::Server.new, at: "/resque"
end
config/initializers/resque_auth.rb
require 'resque/server'
Resque::Server.use(Rack::Auth::Basic) do |user, password|
  [user, password] == [ENV["RESQUE_HTTP_BASIC_AUTH_USER"], ENV["RESQUE_HTTP_BASIC_AUTH_PASSWORD"]]
end
I don't put the user and password directly in the code; I load those as environment variables from a file I do not check into version control, for security.
config/env_config.yml
RESQUE_HTTP_BASIC_AUTH_USER: "YOUR_USER_NAME_HERE"
RESQUE_HTTP_BASIC_AUTH_PASSWORD: "YOUR_PASSWORD_HERE"
config/application.rb
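# Add this in the config.before_configuration do block, this is not a complete application.rb
env_file = File.join(Rails.root, 'config', 'env_config.yml')
# File.exists? was removed in Ruby 3.2; File.exist? works on every version.
if File.exist?(env_file)
  # load_file opens and closes the file itself, so no handle is left open.
  YAML.load_file(env_file).each do |key, value|
    # ENV only accepts String values.
    ENV[key.to_s] = value.to_s
  end
end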
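Added example, not part of the gist or of any comment here: a credential check for the Basic auth block above that compares in constant time and fails closed when the `RESQUE_HTTP_BASIC_AUTH_*` variables are unset or blank. The helper name `resque_credentials_valid?` and the sample values are assumptions; the check itself uses only the Ruby standard library, so it runs without Rack or Resque loaded.

```ruby
require 'openssl'
require 'digest'

# Hypothetical helper (not part of Resque or Rack): true only when the
# supplied pair matches the credentials configured in the environment.
def resque_credentials_valid?(user, password, env = ENV)
  expected_user = env['RESQUE_HTTP_BASIC_AUTH_USER'].to_s
  expected_pass = env['RESQUE_HTTP_BASIC_AUTH_PASSWORD'].to_s

  # Fail closed: a missing or blank setting must never authenticate anyone.
  return false if expected_user.empty? || expected_pass.empty?

  # Hash both sides to a fixed length so the comparison does not depend on
  # the length of the secret, then compare without an early exit.
  same = lambda do |given, expected|
    OpenSSL.fixed_length_secure_compare(
      Digest::SHA256.digest(given.to_s), Digest::SHA256.digest(expected)
    )
  end

  # Non-short-circuit & so both fields are always compared.
  same.call(user, expected_user) & same.call(password, expected_pass)
end

# Wire it in only when Resque's web UI is loaded (e.g. in the initializer).
if defined?(Resque::Server)
  Resque::Server.use(Rack::Auth::Basic, 'Resque') do |user, password|
    resque_credentials_valid?(user, password)
  end
end

# Constructed sample settings, for a stand-alone run of this file.
if __FILE__ == $PROGRAM_NAME
  sample = { 'RESQUE_HTTP_BASIC_AUTH_USER' => 'ops',
             'RESQUE_HTTP_BASIC_AUTH_PASSWORD' => 'constructed-secret' }
  p resque_credentials_valid?('ops', 'constructed-secret', sample)
  p resque_credentials_valid?('', '', {})
end
```

In a Rails app, `ActiveSupport::SecurityUtils.secure_compare` can replace the lambda; the blank-setting guard is still needed.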
An interesting alternative to this is to use an initializer as described in http://asciicasts.com/episodes/271-resque
"We’re not using Devise or any other authentication system in our application so instead we’ll use HTTP Basic Authentication. To do this we’ll create a new initializer in the config/initializers directory called resque_auth.rb."
I have changed the example from ASCIIcasts a bit
/config/initializers/resque_auth.rb: