From d0755756adaf8e1b34d99a7d46d7f523c4ebe61c Mon Sep 17 00:00:00 2001
From: Richard Hallett
Date: Wed, 2 Oct 2019 09:09:25 +0200
Subject: [PATCH] Basic auth prompt for exports
---
 app/controllers/application_controller.rb | 16 ++++++++++++++--
 app/controllers/export_controller.rb | 2 +-
 config/application.rb | 1 +
 3 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7252fef37..770326092 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,4 +1,5 @@
 class ApplicationController < ActionController::API
+ include ActionController::HttpAuthentication::Basic::ControllerMethods
 include Authenticable
 include CanCan::ControllerAdditions
 include ErrorSerializable
@@ -52,6 +53,17 @@ def default_format_json
 request.format = :json if request.format.html?
 end
+ def authenticate_user_with_basic_auth!
+ @user = authenticate_user!
+
+ if !@user
+ request_http_basic_authentication(realm = ENV['REALM'])
+ end
+ puts @user.role_id
+
+ @user
+ end
+
 def authenticate_user!
 type, credentials = type_and_credentials_from_request_headers
 return false unless credentials.present?
@@ -83,7 +95,7 @@ def authenticated_user
 when "ActionController::UnknownFormat" then 406
 when "ActiveRecord::RecordNotUnique" then 409
 when "ActiveModel::ForbiddenAttributesError", "ActionController::ParameterMissing", "ActionController::UnpermittedParameters", "ActiveModelSerializers::Adapter::JsonApi::Deserialization::InvalidDocument" then 422
- when "SocketError" then 500
+ when "SocketError" then 500
 else 400
 end
@@ -135,7 +147,7 @@ def set_raven_context
 else
 Raven.user_context(
 ip_address: request.ip
- )
+ )
 end
 end
 end
diff --git a/app/controllers/export_controller.rb b/app/controllers/export_controller.rb
index 8552703b9..49f41ed1f 100644
--- a/app/controllers/export_controller.rb
+++ b/app/controllers/export_controller.rb
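Review bot: In `authenticate_user_with_basic_auth!`, `puts @user.role_id` runs after the `if !@user` branch, and `authenticate_user!` visibly returns `false` when no credentials are present, so an unauthenticated request that should receive the 401 challenge instead raises `NoMethodError` on `false.role_id` — `request_http_basic_authentication` sets the response but does not stop execution of the method. The `puts` also writes a user attribute to stdout on every call and should be removed; `realm = ENV['REALM']` is a plain local assignment passed positionally, which only works because realm is the first positional parameter and reads misleadingly like a keyword argument. I would replace the `if` block and the `puts` with `return @user if @user` followed by `request_http_basic_authentication(ENV['REALM'])`. Note that `REALM` falls back to `API_URL` in the config/application.rb hunk, so it is `nil` when neither variable is set; a literal default there, e.g. `ENV['REALM'] ||= ENV['API_URL'] || "Application"`, avoids handing `nil` to the challenge. The body of `authenticate_user!` continues outside the hunk.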
@@ -1,7 +1,7 @@
 class ExportController < ApplicationController
 include ActionController::MimeResponds
- before_action :authenticate_user!
+ before_action :authenticate_user_with_basic_auth!
 def contacts
 authorize! :export, :contacts
diff --git a/config/application.rb b/config/application.rb
index 516a1dbfc..3c35f52e2 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -56,6 +56,7 @@
 ENV['MG_FROM'] ||= "support@datacite.org"
 ENV['MG_DOMAIN'] ||= "mg.datacite.org"
 ENV['HANDLES_MINTED'] ||= "10132"
+ENV['REALM'] ||= ENV['API_URL']
 module Lupo
 class Application < Rails::Application
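Review bot: The new `before_action :authenticate_user_with_basic_auth!` halts the filter chain only because the helper renders the 401 challenge; whether the browser's `Authorization: Basic` credentials are then accepted depends on `type_and_credentials_from_request_headers` in `Authenticable`, which is outside this diff. If that method does not recognise the `Basic` scheme, the prompt will simply repeat, so it is worth confirming (and documenting on the helper) that Basic credentials are parsed there. The `contacts` action continues outside the hunk.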