Add ability to password protect certain pages #636
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
murny
commented
Aug 29, 2024
| protected_paths = ["secret"] | ||
|
|
||
| return unless protected_paths.any? { |protected_path| params["cms_path"].include?(protected_path) } | ||
| authenticate_or_request_with_http_basic do |username, password| |
There was a problem hiding this comment.
If using devise we can just update this to something like redirect_to login_path unless current_user
Draft
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
From #551 Natasha wanted the following functionality:
We can do this by hooking into Comfy's
public_authmethod and adding some authentication logic for this.The logic in this PR just makes any cms page path containing "secret" to be password protected. This could easily be changed or expanded upon.
But this will meet the basic requirements for Natasha's ask. This currently works with the current basic auth system we have in place, but could easily be updated to work with Devise as well.