hephaestus 0.8.18 → 0.8.19

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ffedeecbefff19cb5a280d95430ff9248ba14256b6fa3189b6b9cfef5a0d88cb
-  data.tar.gz: aa348ded26343abe7cb12911821d3d589e6760829f5cf4c97d441c0396fef7c0
+  metadata.gz: bbdf4f3a5c6472e793f2e4a5cca2d8588d8fc7edf8a713db536671e48c5b8adc
+  data.tar.gz: 1d85b74ed6a67234ef911135c6a25d51f2ae5f015d8eec3dd2f8e45611144d9d
 SHA512:
-  metadata.gz: 31a6fa2a2a39de35377f0356304b0cbbc24715e4ab50dc59f0b6d7fe9f4ddcd0450acba680c87a49b162700315ca9ad3fab8abb9e24e67555c5fd3a42eebb74b
-  data.tar.gz: 445442bdc86c11c68abfd4085587a80f831a1a10e9b62283b03720516c53119a090de6ef16f5681dfd9cb382c9815713fe215e9af35652a75a9674bdb3ff80a7
+  metadata.gz: 53815be1097fac20d441f5a63be128e8cd0af9cbb152a02b1b449747aa376623dd3079ff84f9fca003174464688cd1b321ec448f6cfd42e3c7ef72ca3195bff2
+  data.tar.gz: 8398911ad7a8a1359e803dfc07dd88a0d42fde211a75f16fbc0c20a28fa4fc1cdb95f874e29c002423090f35179c490b3d5b58f189c78506fb873fdd3d57ebb0

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+# [v0.8.19] - 08-04-2025
+## What's Changed
+* Protect staff pages with basic auth by @gjtorikian in https://github.com/yettoapp/hephaestus/pull/120
+
+
+**Full Changelog**: https://github.com/yettoapp/hephaestus/compare/v0.8.18...v0.8.19
 # [v0.8.18] - 24-03-2025
 ## What's Changed
 * Silence 404 API routes by @gjtorikian in https://github.com/yettoapp/hephaestus/pull/118

data/app/assets/tailwind/application.css

@@ -0,0 +1 @@
+@import "tailwindcss";

data/app/controllers/concerns/hephaestus/session_auth.rb

@@ -0,0 +1,10 @@
+# typed: false
+# frozen_string_literal: true
+
+module Hephaestus
+  module SessionAuth
+    def logged_in?
+      not_found if session[:logged_in].blank?
+    end
+  end
+end

data/app/controllers/concerns/hephaestus/validates_with_basic_auth.rb

@@ -0,0 +1,12 @@
+# typed: false
+# frozen_string_literal: true
+
+module Hephaestus
+  module ValidatesWithBasicAuth
+    include ActionController::HttpAuthentication::Basic::ControllerMethods
+
+    def validate_basic_auth
+      http_basic_authenticate_or_request_with(name: "billy", password: Hephaestus::STAFF_PASSWORD)
+    end
+  end
+end

data/app/controllers/hephaestus/staff_controller.rb

@@ -3,18 +3,22 @@
 
 module Hephaestus
   class StaffController < ApplicationController
-    layout "staff"
+    include SessionAuth
+
+    include Hephaestus::ValidatesWithBasicAuth
+
+    before_action :require_staff
 
     class << self
-      def staff_request?(request)
-        return true if Rails.env.development?
+      def valid_request?(request)
+        # return true if Rails.env.development?
 
-        true
+        http_basic_authenticate_with(name: "billy", password: Hephaestus::STAFF_PASSWORD)
       end
     end
 
-    def index
-      render404 unless StaffController.staff_request?(request)
+    private def require_staff
+      not_found unless StaffController.valid_request?(request)
     end
   end
 end

data/app/jobs/hephaestus/update_yetto_job.rb

@@ -11,10 +11,10 @@ module Hephaestus
       type = params.delete(:type)
       params.deep_symbolize_keys!
 
-      inbox_id = params.fetch(:inbox, {}).fetch(:id, nil)
-      plug_installation_id = params.fetch(:plug_installation, {}).fetch(:id, nil)
-      conversation_id = params.fetch(:conversation, {}).fetch(:id, nil)
-      message_id = params.fetch(:message, {}).fetch(:id, nil)
+      inbox_id = params.dig(:inbox, :id)
+      plug_installation_id = params.dig(:plug_installation, :id)
+      conversation_id = params.dig(:conversation, :id)
+      message_id = params.dig(:message, :id)
 
       response = case type
       when "update_plug_installation"

data/app/views/hephaestus/sessions/login.html.erb

@@ -0,0 +1,20 @@
+<div class="flex min-h-full flex-col justify-center px-6 py-12 lg:px-8">
+  <div class="sm:mx-auto sm:w-full sm:max-w-sm">
+    <h2 class="mt-10 text-center text-2xl/9 font-bold tracking-tight text-gray-900">Sign in to your account</h2>
+  </div>
+
+  <div class="mt-10 sm:mx-auto sm:w-full sm:max-w-sm">
+    <form class="space-y-6" action="<%= %>" method="POST">
+      <div>
+        <label for="email" class="block text-sm/6 font-medium text-gray-900">Email address</label>
+        <div class="mt-2">
+          <input type="email" name="email" id="email" autocomplete="email" required class="block w-full rounded-md bg-white px-3 py-1.5 text-base text-gray-900 outline outline-1 -outline-offset-1 outline-gray-300 placeholder:text-gray-400 focus:outline focus:outline-2 focus:-outline-offset-2 focus:outline-indigo-600 sm:text-sm/6">
+        </div>
+      </div>
+
+      <div>
+        <button type="submit" class="flex w-full justify-center rounded-md bg-indigo-600 px-3 py-1.5 text-sm/6 font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600">Sign in</button>
+      </div>
+    </form>
+  </div>
+</div>

data/app/views/hephaestus/staff/index.html.erb

@@ -0,0 +1,21 @@
+<div class="min-h-screen bg-gray-100">
+  <header class="py-8 bg-white shadow-lg ">
+    <h1 class="text-4xl font-bold text-gray-900 text-center">
+      Hello, staff!
+    </h1>
+    <p class="text-xl text-gray-600 text-center mt-2">
+      (This is for <%= plug_name %> <code><%= Rails.env %></code>)
+    </p>
+  </header>
+
+  <main class="max-w-6xl mx-auto mt-12 px-6">
+    <div class="bg-white rounded-xl shadow-lg p-8">
+      <ul class="space-y-6 flex flex-col items-center">
+        <li>
+          <%= link_to "Jobs Dashboard", "/staff/jobs", class: "text-xl text-indigo-600 hover:text-indigo-500 font-semibold hover:underline transition-all duration-200 ease-in-out" %>
+        </li>
+        <%# Add more links here as needed %>
+      </ul>
+    </div>
+  </main>
+</div>

data/app/views/layouts/hephaestus/application.html.erb

@@ -0,0 +1 @@
+<%= yield %>

data/app/views/layouts/hephaestus/staff.html.erb

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title></title>
+  <%= csrf_meta_tags %>
+  <%= csp_meta_tag %>
+
+  <%= yield :head %>
+
+  <%= stylesheet_link_tag "tailwind", media: "all" %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/config/initializers/admin_constraint.rb

@@ -0,0 +1,10 @@
+# typed: false
+# frozen_string_literal: true
+
+class AdminConstraint
+  class << self
+    def matches?(request)
+      request.env["HTTP_AUTHORIZATION"] == "Basic " + Base64.strict_encode64("billy:#{Hephaestus::STAFF_PASSWORD}")
+    end
+  end
+end

data/config/initializers/environment.rb

@@ -143,4 +143,6 @@ module Hephaestus
     label: "YETTO_PLUG_ID",
     default: "plug-id",
   )
+
+  STAFF_PASSWORD = fetch_infra_secret(label: "STAFF_PASSWORD", default: "password")
 end

data/config/routes.rb

@@ -1,8 +1,17 @@
 # typed: false
 # frozen_string_literal: true
 
-# this file doesn't actually do anything; consumed routes are
-# in lib/hephaestus/engine.rb
+#############################################################################
+#  _____ _____ _____ ____  _ _ _
+# |  |  |  _  |     |    \| | | |
+# |  |  |     | | | |  |  | | | |
+#  \___/|__|__|_|_|_|____/|_____|
+#
+# THIS FILE DOES NOT DO ANYTHING!
+# ALL ROUTES ARE DEFINED IN:
+# lib/hephaestus/engine.rb#insert_routes
+#############################################################################
+
 Hephaestus::Engine.routes.draw do
   resources :settings, only: [:new, :edit]
 

data/lib/hephaestus/engine.rb

@@ -45,9 +45,9 @@ module Hephaestus
       def insert_routes
         Rails.application.routes.draw do
           # Staff pages
-          get("staff", to: "staff#index")
+          get("staff", to: "hephaestus/staff#index")
 
-          constraints(->(request) { StaffController.staff_request?(request) }) do
+          constraints(AdminConstraint) do
             mount(MissionControl::Jobs::Engine, at: "staff/jobs", as: :staff_jobs)
           end
 

data/lib/hephaestus/version.rb

@@ -2,7 +2,7 @@
 # frozen_string_literal: true
 
 module Hephaestus
-  VERSION = "0.8.18"
+  VERSION = "0.8.19"
   RAILS_VERSION = ">= 8.0"
   RUBY_VERSION = File
     .read("#{File.dirname(__FILE__)}/../../.ruby-version")

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hephaestus
 version: !ruby/object:Gem::Version
-  version: 0.8.18
+  version: 0.8.19
 platform: ruby
 authors:
 - Garen Torikian
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-24 00:00:00.000000000 Z
+date: 2025-04-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bootsnap
@@ -178,6 +178,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: propshaft
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: puma
   requirement: !ruby/object:Gem::Requirement
@@ -290,6 +304,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: tailwindcss-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.2'
 - !ruby/object:Gem::Dependency
   name: opentelemetry-exporter-otlp
   requirement: !ruby/object:Gem::Requirement
@@ -346,20 +374,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.10'
-- !ruby/object:Gem::Dependency
-  name: propshaft
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.1'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: dotenv-rails
   requirement: !ruby/object:Gem::Requirement
@@ -389,8 +403,11 @@ files:
 - CHANGELOG.md
 - LICENSE.txt
 - README.md
+- app/assets/tailwind/application.css
 - app/controllers/concerns/hephaestus/responses.rb
+- app/controllers/concerns/hephaestus/session_auth.rb
 - app/controllers/concerns/hephaestus/validates_from_yetto.rb
+- app/controllers/concerns/hephaestus/validates_with_basic_auth.rb
 - app/controllers/hephaestus/application_controller.rb
 - app/controllers/hephaestus/root_controller.rb
 - app/controllers/hephaestus/settings_controller.rb
@@ -401,14 +418,17 @@ files:
 - app/serializers/hephaestus/error_serializer.rb
 - app/serializers/hephaestus/headers.rb
 - app/services/hephaestus/yetto_service.rb
-- app/views/layouts/staff.html.erb
-- app/views/staff/index.html.erb
+- app/views/hephaestus/sessions/login.html.erb
+- app/views/hephaestus/staff/index.html.erb
+- app/views/layouts/hephaestus/application.html.erb
+- app/views/layouts/hephaestus/staff.html.erb
 - bin/hephaestus
 - config/database.yml
 - config/environments/development.rb
 - config/environments/production.rb
 - config/environments/staging.rb
 - config/environments/test.rb
+- config/initializers/admin_constraint.rb
 - config/initializers/application.rb
 - config/initializers/cors.rb
 - config/initializers/environment.rb

data/app/views/layouts/staff.html.erb

@@ -1,7 +0,0 @@
-<div class="container">
-  <h1>Staff page</h1>
-  <div class="row">
-    <div class="col-md-12">
-      <%= yield %>
-    </div>
-  </div>

data/app/views/staff/index.html.erb

@@ -1 +0,0 @@
-Hello, staff!