Geek asks and answers

ActiveAdmin: how to configure basic HTTP authentication?

I want to set up basic authentication for ActiveAdmin, whose internal solution is not applicable to my case. To do this, I would like to be able to add middleware to the ActiveAdmin Engine before it is included in my application. What I managed to do:

ActiveAdmin::Engine.configure do |config|
  config.middleware.use Rack::Auth::Basic do |username, password|
    username == 'admin' && password == 'root'
  end  
end

But apparently this does not make it work, since my active admin routes still remain insecure. How can I do this effectively? And no, I don’t want to protect the whole site with basic authentication.

+5
source share
3 answers

Here are some ideas:

# app/controllers/application_controller.rb

class ApplicationController < ActionController::Base

  # ...
  http_basic_authenticate_with :name => "frodo", :password => "thering", :if => :admin_controller?

  def admin_controller?
    self.class < ActiveAdmin::BaseController
  end

Or version of monkeypatching

# config/initializers/active_admin.rb

# somewhere outside the setup block

class ActiveAdmin::BaseController
  http_basic_authenticate_with :name => "frodo", :password => "thering"
end

If you only want to protect certain resources, you can use the controller block:

# app/admin/users.rb

ActiveAdmin.register Users do
  controller do
    http_basic_authenticate_with :name => "frodo", :password => "thering"
  end

  # ...
end

, config/initializers/active_admin.rb , :

# app/admin/users.rb

ActiveAdmin.setup do |config|
  config.controller do
    http_basic_authenticate_with :name => "frodo", :password => "thering"
  end

  # ...
end

, , ActiveAdmin ( , , - -...)

, , .

: :

: before_filter activeadmin .

# config/initializers/active_admin.rb

ActiveAdmin.setup do |config|
  # ...
  config.before_filter do
    authenticate_or_request_with_http_basic("Whatever") do |name, password|
      name == "frodo" && password == "thering"
    end
  end
end

... . , - application_controller, , :

# app/controllers/application_controller.rb

class ApplicationController < ActionController::Base

  def authenticate_admin
    authenticate_or_request_with_http_basic("Whatever") do |name, password|
      name == "frodo" && password == "thering"
    end
  end
end



# config/initializers/active_admin.rb

ActiveAdmin.setup do |config|
  # ...
  config.authentication_method = :authenticate_admin
end
+13

- ActiveAdmin, :

# app/admin/dashboard.rb
controller do
  http_basic_authenticate_with :name => "mega-admin", :password => "supersecret"
end

; -)

-1

:

  # app/controllers/application_controller.rb
  protected
  def authenticate
    authenticate_or_request_with_http_basic do |username, password|
      username == "admin" && password == "superpassword"
    end
  end

# config/initializers/active_admin.rb
config.before_filter :authenticate

ist,

before_filter:

, .

-1

More articles:


All Articles