Sha256: 5dba0e486d53aa21714160f46d75757fbcd69bf8abc0de1f3da52a28dc5d5fd7

Contents?: true

Size: 1.54 KB

Versions: 1

Compression:

Stored size: 1.54 KB

Contents

# frozen_string_literal: true

# Idea taken from https://github.com/mperham/sidekiq/issues/2460#issuecomment-125694743
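module SidekiqWebGoogleAuth
  # Sidekiq::Web extension that puts the dashboard behind a Google OAuth login.
  #
  # Security model, as implemented below:
  # * The session only stores the boolean +:authenticated+, not the identity.
  #   Removing an address from the allow-lists therefore does not end sessions
  #   that were already established; they last until the cookie expires or the
  #   user logs out.
  # * Both allow-list checks must pass (they are ANDed in the callback), and an
  #   EMPTY list means "no restriction". With both lists empty, any Google
  #   account that completes the OAuth flow is let in.
  # * Comparison is exact and case-sensitive; configure the lists in the same
  #   case the identity provider reports.
  class Extension
    class << self
      # @return [Array<String>] allow-lists consulted by the OAuth callback.
      #   NOTE(review): nothing here initialises them; presumably the gem's
      #   setup code assigns arrays before the first request - confirm, since
      #   a nil list would raise NoMethodError in the predicates below.
      attr_accessor :authorized_emails, :authorized_emails_domains

      # @param email [String, nil] address reported by the identity provider
      # @return [Boolean] true when no address allow-list is configured, or
      #   when +email+ is listed verbatim.
      def valid_email?(email)
        authorized_emails.empty? || authorized_emails.include?(email)
      end

      # @param email [String, nil] address reported by the identity provider
      # @return [Boolean] true when no domain allow-list is configured, or when
      #   everything after the first "@" is listed verbatim.
      def valid_email_domain?(email)
        return true if authorized_emails_domains.empty?

        # to_s makes a missing address fail closed (no domain => not listed)
        # instead of raising NoMethodError on nil and surfacing as a 500.
        authorized_emails_domains.include?(email.to_s[/(?<=@).+/])
      end

      # Hook called by Sidekiq::Web when the extension is registered: installs
      # the authentication gate, the login/callback/logout routes and a
      # "Logout" tab.
      #
      # @param app the Sidekiq web application being extended
      def registered(app) # rubocop:disable Metrics/MethodLength
        app.before do
          path = request.path_info
          # Exempt only the auth routes themselves. A bare "/auth" prefix match
          # would also exempt any unrelated route that merely begins with
          # those characters.
          on_auth_route = path == "/auth" || path.start_with?("/auth/")
          redirect("#{root_path}auth/page") unless session[:authenticated] || on_auth_route
        end

        app.get "/auth/page" do
          "Please <a href='#{root_path}auth/oauth'>authenticate via Google</a>."
        end

        app.get "/auth/oauth/callback" do
          auth = request.env["omniauth.auth"]
          ext = SidekiqWebGoogleAuth::Extension

          if auth && ext.valid_email?(auth.info.email) && ext.valid_email_domain?(auth.info.email)
            # NOTE(review): the session identifier is not rotated on login;
            # consider renewing it here if the session store supports that.
            session[:authenticated] = true
            redirect(root_path)
          else
            # auth is nil when the callback is hit without a completed OAuth
            # exchange, so it must not be dereferenced unguarded. Only the
            # address is logged (not the whole profile), and #inspect escapes
            # control characters so provider-supplied text cannot forge lines.
            attempted = auth&.info&.email
            OmniAuth.logger.warn(
              "Someone unauthorized is trying to gain access to Sidekiq: #{attempted.inspect}",
            )
            redirect("#{root_path}auth/page")
          end
        end

        # NOTE(review): logout is a plain GET, so any page the user visits can
        # trigger it cross-site. Impact is limited to a forced sign-out.
        app.get "/logout" do
          session.clear
          redirect(root_path)
        end

        app.tabs["Logout"] = "logout"
      end
    end
  end
end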

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
sidekiq_web_google_auth-0.1.2 lib/sidekiq_web_google_auth/extension.rb