Basic auth prompt for exports

datacite · Oct 2, 2019 · d075575 · d075575
1 parent 74b36d7
commit d075575
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 3 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,4 +1,5 @@
 class ApplicationController < ActionController::API
+  include ActionController::HttpAuthentication::Basic::ControllerMethods
   include Authenticable
   include CanCan::ControllerAdditions
   include ErrorSerializable
@@ -52,6 +53,17 @@ def default_format_json
     request.format = :json if request.format.html?
   end
 
+  def authenticate_user_with_basic_auth!
+    @user = authenticate_user!
+
+    if !@user
+      request_http_basic_authentication(realm = ENV['REALM'])
+    end
+    puts @user.role_id
+
+    @user
+  end
+
   def authenticate_user!
     type, credentials = type_and_credentials_from_request_headers
     return false unless credentials.present?
@@ -83,7 +95,7 @@ def authenticated_user
                when "ActionController::UnknownFormat" then 406
                when "ActiveRecord::RecordNotUnique" then 409
                when "ActiveModel::ForbiddenAttributesError", "ActionController::ParameterMissing", "ActionController::UnpermittedParameters", "ActiveModelSerializers::Adapter::JsonApi::Deserialization::InvalidDocument" then 422
-               when "SocketError" then 500 
+               when "SocketError" then 500
                else 400
                end
 
@@ -135,7 +147,7 @@ def set_raven_context
     else
       Raven.user_context(
         ip_address: request.ip
-      ) 
+      )
     end
   end
 end
diff --git a/app/controllers/export_controller.rb b/app/controllers/export_controller.rb
@@ -1,7 +1,7 @@
 class ExportController < ApplicationController
     include ActionController::MimeResponds
 
-    before_action :authenticate_user!
+    before_action :authenticate_user_with_basic_auth!
 
     def contacts
         authorize! :export, :contacts

diff --git a/config/application.rb b/config/application.rb
@@ -56,6 +56,7 @@
 ENV['MG_FROM'] ||= "[email protected]"
 ENV['MG_DOMAIN'] ||= "mg.datacite.org"
 ENV['HANDLES_MINTED'] ||= "10132"
+ENV['REALM'] ||= ENV['API_URL']
 
 module Lupo
   class Application < Rails::Application