Seems like anyone knowing your URL would stick it a /admin and be able to spam your users ;) How would you prevent that?
Asked
Active
Viewed 84 times
2 Answers
1
Found here: http://recipes.sinatrarb.com/p/middleware/rack_auth_basic_and_digest
require 'bundler'
Bundler.require
use Rack::Auth::Basic, "Protected Area" do |username, password|
username == 'foo' && password == 'bar'
end
app = Helios::Application.new {
...
}
run app
StuFF mc
- 4,137
- 2
- 33
- 32
-
Hmmm... Basic Auth is... Basic :) Could be enough in some cases, but I just decided/realized it's no in mine. Another question is then how to have some routes public. Tried the examples at that website for that for now without luck. – StuFF mc Jan 27 '14 at 17:27
-
-
-
@hek2mgl — this is a standard Helios.io setup. Not sure why there's 2 require here :) oh and yes I'm doing there support because nobody answers when you ask questions to them :( which support? :) – StuFF mc Jan 30 '14 at 10:11
0
Turns out for Basic Auth you can simple use those 2 Environment variables
HELIOS_ADMIN_USERNAME=foo
HELIOS_ADMIN_PASSWORD-bar
In dev it's as simple as a .env file in the root — which works awesome, but with Heroku I add to use heroku config:set HELIOS_ADMIN_USERNAME=foo (and still, it doesn't work, somehow)...
StuFF mc
- 4,137
- 2
- 33
- 32