Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
require 'warden/github'
class SidekiqGithubChecker
def self.registered(app)
app.helpers do
def warden; env['warden'] end
def github_organization_authenticate!(name)
unless warden.user.organization_member?(name)
halt [401, {}, ["You don't have access to organization #{name}"]]
end
end
end
app.before do
next if current_path == 'unauthenticated'
warden.authenticate!
github_organization_authenticate! ENV['GITHUB_ORG']
end
app.get('/unauthenticated') { [403, {}, [warden.message || ""]] }
app.get '/auth/github/callback' do
if params["error"]
redirect "/unauthenticated"
else
warden.authenticate!
redirect root_path
end
end
end
end
Sidekiq::Web.register SidekiqGithubChecker
Sidekiq::Web.use Warden::Manager do |config|
config.failure_app = Sidekiq::Web
config.default_strategies :github
config.scope_defaults :default, config: {
client_id: ENV['GITHUB_CLIENT_ID'],
client_secret: ENV['GITHUB_CLIENT_SECRET'],
redirect_uri: '/auth/github/callback'
}
config.serialize_from_session { |key| Warden::GitHub::Verifier.load(key) }
config.serialize_into_session { |user| Warden::GitHub::Verifier.dump(user) }
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.