enigmamachine 0.2.1 → 0.2.2

data/README.rdoc

@@ -54,6 +54,47 @@ The enigmamachine will run all encoding tasks on the video.  If a new video is
 uploaded while the first one is still encoding, it will be placed in a queue.
 Videos are encoded sequentially as they arrive.
 
+All requests, whether they come from your browser or from your code, are
+protected by HTTP basic auth.  By default, the username is
+<i>admin</i> and the password is <i>admin</i>.
+
+Programmatic requests in Ruby might look something like this:
+
+    require 'rubygems'
+    require 'httparty'
+    require 'base64'
+
+    class EnigmaClient
+
+      include HTTParty
+      base_uri 'localhost:2002'
+
+      def initialize (u, p)
+        @auth = encode_credentials(u, p)
+      end
+
+      def post(path_to_video, encoder_id)
+        self.class.post('/videos', {
+          :body => {:video => {:file => path_to_video}, :encoder_id => encoder_id},
+          'HTTP_AUTHORIZATION' => @auth
+        })
+      end
+
+      private
+
+      def encode_credentials(username, password)
+        "Basic " + Base64.encode64("#{username}:#{password}")
+      end
+
+    end
+
+
+
+ # Let's use it!
+ #
+ EnigmaClient.new("admin", "admin").post("/path/to/your/uploaded/video.mp4", 1)
+
+
 == Encoders and Encoding Tasks
 
 When you POST the location of a video to your enigmamachine, you need to tell
@@ -92,15 +133,23 @@ _Grab a 320x240 JPEG thumbnail_:
 
 Rinse and repeat for the 160x120 thumbnail.
 
-== Security
+== Security considerations
 
 Enigmamachine is set to bind by default to 127.0.0.1 (your system's loopback)
-interface rather than on all network interfaces.
+interface rather than on all network interfaces, so it won't be accessible from
+other machines.
 
 Making an enigmamachine available on an untrusted network (like
 the Internet) would be a suicidal move on your part, since the code used to
-talk to ffmpeg is a simple exec call and you'll be inviting everyone in the world
-to execute commands on your server. Have fun with that.
+talk to ffmpeg is a simple backtick exec call and you'll be inviting everyone in
+the world to execute commands on your server, with your effective user
+permissions.
+
+When the enigmamachine starts for the first time in a given directory, it will
+spit out a config.yml file containing a username and password.  All requests
+will need to submit this auth information.  This should make enigmamachine
+reasonably safe to use on shared hosts, just make sure nobody can read the
+config file except the user executing the enigmamachine process.
 
 If you don't know what any of this means, don't run it.  I'm not responsible if
 your enigmamachine screws up your system, allows people to exploit you, or

data/VERSION

@@ -1 +1 @@
-0.2.1
+0.2.2

data/enigmamachine.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{enigmamachine}
-  s.version = "0.2.1"
+  s.version = "0.2.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["dave"]

data/lib/enigmamachine.rb

@@ -102,9 +102,7 @@ class EnigmaMachine < Sinatra::Base
 
   # Set up Rack authentication
   #
-  # I'm going to disable this for now, although later this might be a good way
-  # of providing security for shared hosts. TODO: figure out how to secure the
-  # app for use on shared hosts.
+  # Provides minimal security for shared hosts.
   #
   use Rack::Auth::Basic do |username, password|
     [username, password] == [@@username, @@password]

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: enigmamachine
 version: !ruby/object:Gem::Version 
-  hash: 21
+  hash: 19
   prerelease: false
   segments: 
   - 0
   - 2
-  - 1
-  version: 0.2.1
+  - 2
+  version: 0.2.2
 platform: ruby
 authors: 
 - dave