balrog 0.2.0 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.circleci/config.yml +1 -0
- data/.gitignore +2 -0
- data/CHANGELOG.md +12 -0
- data/Gemfile.lock +2 -2
- data/README.md +25 -2
- data/app/views/balrog/gate.html.erb +1 -1
- data/balrog.gemspec +1 -1
- data/lib/balrog.rb +1 -0
- data/lib/balrog/routes_middleware.rb +27 -0
- data/lib/balrog/version.rb +1 -1
- metadata +6 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b518904751f63b68eab38cc945dfebe1cf013124be9b16abf684fbfe24450550
|
|
4
|
+
data.tar.gz: '0179daeb802833fdf7cb6771584f604fcba47bbdb4fe8177003ea70c1ec3aa4d'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c85e1122e208eba94aa7dd98940b38a1274a5e048922d4f15b9cf7699daabb2f7d905efcdc1f5e711192270e554229a5c324cbfcf78e6decc6ab7c40b9588708
|
|
7
|
+
data.tar.gz: 5f0ad78e961fed3cc084af8f6a12c20fb8f5118967aa8de08491519fd33ca55fa481fa168b3df5a505279cbeed3de008e79c9a636ae7f0606f5e74ce048c2982
|
data/.circleci/config.yml
CHANGED
data/.gitignore
CHANGED
data/CHANGELOG.md
ADDED
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
[](https://badge.fury.io/rb/balrog)
|
|
6
6
|
[](https://circleci.com/gh/pixielabs/balrog)
|
|
7
7
|
|
|
8
|
-
Balrog is a lightweight authorization library for Ruby on Rails written by
|
|
8
|
+
Balrog is a lightweight authorization library for Ruby on Rails >= 5 written by
|
|
9
9
|
[Pixie Labs](https://pixielabs.io) that can protect your routes with a single
|
|
10
10
|
username & password combination.
|
|
11
11
|
|
|
@@ -28,7 +28,7 @@ gem 'balrog'
|
|
|
28
28
|
|
|
29
29
|
Run the installer to generate an initializer:
|
|
30
30
|
|
|
31
|
-
```
|
|
31
|
+
```shell
|
|
32
32
|
$ bundle exec rails generate balrog:install
|
|
33
33
|
Enter New Password:
|
|
34
34
|
Confirm New Password:
|
|
@@ -59,6 +59,29 @@ class AdminController < ApplicationController
|
|
|
59
59
|
end
|
|
60
60
|
```
|
|
61
61
|
|
|
62
|
+
## Restricting access to mounted Rack applications within config/routes.rb
|
|
63
|
+
|
|
64
|
+
Use the `.use` [method](https://www.rubydoc.info/gems/rack/Rack%2FBuilder:use) to add Balrog to the 'stack'.
|
|
65
|
+
|
|
66
|
+
For example with Sidekiq::Web...
|
|
67
|
+
|
|
68
|
+
```ruby
|
|
69
|
+
# Then we tell SideKiq to use Balrog::RoutesMiddleware
|
|
70
|
+
Sidekiq::Web.use Balrog::RoutesMiddleware
|
|
71
|
+
|
|
72
|
+
mount Sidekiq::Web => '/sidekiq'
|
|
73
|
+
```
|
|
74
|
+
|
|
75
|
+
N.B. If you are mounting Sidekiq Web, you need to [disable Sidekiq Web's session in config/initializers/sidekiq.rb](https://github.com/mperham/sidekiq/issues/3377#issuecomment-381254940).
|
|
76
|
+
|
|
77
|
+
```ruby
|
|
78
|
+
require 'sidekiq/web'
|
|
79
|
+
|
|
80
|
+
# In order to force sidekiq to use the rails app's session,
|
|
81
|
+
# we need to disable the Sidekiq's session.
|
|
82
|
+
Sidekiq::Web.disable(:sessions)
|
|
83
|
+
```
|
|
84
|
+
|
|
62
85
|
## Logout button
|
|
63
86
|
|
|
64
87
|
To add a logout button, you can call the `balrog_logout_button` view helper
|
data/balrog.gemspec
CHANGED
|
@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.require_paths = ["lib"]
|
|
25
25
|
|
|
26
26
|
spec.add_dependency "bcrypt", "~> 3.0"
|
|
27
|
-
spec.add_dependency "rails", ">=
|
|
27
|
+
spec.add_dependency "rails", ">=5"
|
|
28
28
|
|
|
29
29
|
spec.add_development_dependency "bundler", "~> 2.0"
|
|
30
30
|
spec.add_development_dependency "rake", "~> 10.0"
|
data/lib/balrog.rb
CHANGED
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# Public: Balrog routes middleware that redirects the user to a security
|
|
2
|
+
# gate unless the session includes { 'balrog' => 'authenticated' }.
|
|
3
|
+
#
|
|
4
|
+
# In order to protect SideKiq Web you would do something like this:
|
|
5
|
+
#
|
|
6
|
+
# require 'sidekiq/web'
|
|
7
|
+
#
|
|
8
|
+
# Sidekiq::Web.disable(:sessions)
|
|
9
|
+
# Sidekiq::Web.use Balrog::RoutesMiddleware
|
|
10
|
+
#
|
|
11
|
+
# mount Sidekiq::Web => '/sidekiq'
|
|
12
|
+
|
|
13
|
+
class Balrog::RoutesMiddleware
|
|
14
|
+
def initialize(app)
|
|
15
|
+
@app = app
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def call(env)
|
|
19
|
+
unless env['rack.session']['balrog'] == 'authenticated'
|
|
20
|
+
html = ApplicationController.renderer.render 'balrog/gate', layout: nil
|
|
21
|
+
return [200, {"Content-Type" => "text/html"}, [html]]
|
|
22
|
+
end
|
|
23
|
+
@app.call(env)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
end
|
|
27
|
+
|
data/lib/balrog/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: balrog
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Pixie Labs
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-05-
|
|
11
|
+
date: 2019-05-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bcrypt
|
|
@@ -30,14 +30,14 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - ">="
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '5'
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '
|
|
40
|
+
version: '5'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: bundler
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -92,6 +92,7 @@ files:
|
|
|
92
92
|
- ".gitignore"
|
|
93
93
|
- ".rspec"
|
|
94
94
|
- ".travis.yml"
|
|
95
|
+
- CHANGELOG.md
|
|
95
96
|
- CODE_OF_CONDUCT.md
|
|
96
97
|
- Gemfile
|
|
97
98
|
- Gemfile.lock
|
|
@@ -112,6 +113,7 @@ files:
|
|
|
112
113
|
- lib/balrog/middleware.rb
|
|
113
114
|
- lib/balrog/password_hasher.rb
|
|
114
115
|
- lib/balrog/rake_tasks.rb
|
|
116
|
+
- lib/balrog/routes_middleware.rb
|
|
115
117
|
- lib/balrog/tasks/generate_hash.rake
|
|
116
118
|
- lib/balrog/version.rb
|
|
117
119
|
- lib/balrog/view_helpers.rb
|