obfuscurity / descartes

Introspective dashboard for Graphite
MIT License

support noauth #143

Open akvadrako opened 10 years ago

akvadrako commented 10 years ago

Hopefully this patch is unintrusive enough

damm commented 10 years ago

Looking back I thought #136 covered this very well

marianogg9 commented 10 years ago

@damm @brntbeer @akvadrako hi guys. I've been fighting with this authentication issue for a while now, and I'm not sure if I can apply any of these hacks to my config.ru to get foreman running. Also, I've taken a look at this one https://github.com/damm/descartes/commit/84e3d4a239ee9e8ffc87ed70d6569eee729a4d74 but I can't figure out how to apply those changes. Here's my config.ru:

```ruby
$stdout.sync = true
$:.unshift File.dirname(__FILE__) + '/lib'
require 'descartes/web'
require 'descartes/github_auth'
require 'rack-canonical-host'

use Rack::CanonicalHost do
  case ENV['RACK_ENV'].to_sym
    when :production then ENV['CANONICAL_HOST'] if defined?ENV['CANONICAL_HOST']
  end
end

# Session cookie; startup fails here when SESSION_SECRET is not set
use Rack::Session::Cookie, :key => 'rack.session',
                           :expire_after => 1209600,
                           :secret => (ENV['SESSION_SECRET'] || raise('missing SESSION_SECRET'))

use OmniAuth::Builder do
  provider :google_apps, :store => OpenID::Store::Redis.new(Redis.connect(:url => ENV['REDISTOGO_URL']) || OpenID::Store::Redis.new(Redis.connect(:url => 'redis://localhost:6379/1'))), :name => 'google', :domain => ENV['GOOGLE_OAUTH_DOMAIN']
end

# Marks every visitor as an anonymous user, without any login step
class Descartes::NoAuth < Sinatra::Base
  before do
    session['user'] = { 'uid' => 'anonymous', 'email' => 'noemail' }
    redirect '/'
  end
end

run Rack::URLMap.new('/' => Descartes::Web, '/auth/github' => Descartes::GithubAuth, '/auth/noauth' => Descartes::NoAuth)
```

```
# OAuth type (either 'google' or 'github' or 'noauth')
OAUTH_PROVIDER=noauth
```

I'm still getting the "descartes/config.ru:16:in `block in ': missing SESSION_SECRET (RuntimeError)" error. If anyone has anything to add, it'd be awesome. Thanks!!!

damm commented 10 years ago

export SESSION_SECRET="somethingrandom"

marianogg9 commented 10 years ago

Thanks @damm and sorry but somethingrandom??? I don't know what would be suitable. Thanks!

marianogg9 commented 10 years ago

And, is this something I need to add to config.ru? what about .env file?

damm commented 10 years ago

@Mariano-gon It's due to how Sessions are handled (and encryption). It should be unique and random.

http://www.sinatrarb.com/faq.html#sessions

Slightly better could? be http://guides.rubyonrails.org/security.html#session-storage
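
What "unique and random" means for the `SESSION_SECRET` that config.ru requires, as an added example that is not part of this thread or of the descartes code base: it generates a secret, rejects weak values, and shows that a session cookie only verifies under the secret that signed it. The placeholder list, the 64-character minimum, the helper names and the cookie format are assumptions for illustration; the signing is a simplified model, not Rack's exact implementation.

```ruby
require 'securerandom'
require 'openssl'
require 'json'

# Guessable values copied from docs or chat (constructed list, an assumption).
PLACEHOLDERS = %w[somethingrandom secret changeme].freeze
MIN_LENGTH = 64 # assumed minimum length in characters

# 64 bytes from the OS CSPRNG, hex-encoded to 128 characters.
def generate_session_secret
  SecureRandom.hex(64)
end

# Returns a list of problems; an empty list means the value is acceptable.
def session_secret_problems(value)
  return ['missing'] if value.nil? || value.empty?
  problems = []
  problems << 'known placeholder' if PLACEHOLDERS.include?(value.downcase)
  problems << "shorter than #{MIN_LENGTH} characters" if value.length < MIN_LENGTH
  problems << 'too few distinct characters' if value.chars.uniq.size < 10
  problems
end

# Simplified model of a signed session cookie: "<base64 payload>--<HMAC>".
def sign_session(session, secret)
  data = [JSON.generate(session)].pack('m0')
  "#{data}--#{OpenSSL::HMAC.hexdigest('SHA256', secret, data)}"
end

# Returns the session hash, or nil when the signature does not verify.
def verify_session(cookie, secret)
  data, mac = cookie.to_s.split('--', 2)
  return nil if data.nil? || mac.nil?
  expected = OpenSSL::HMAC.hexdigest('SHA256', secret, data)
  return nil unless OpenSSL.secure_compare(expected, mac)
  JSON.parse(data.unpack1('m0'))
end

if __FILE__ == $PROGRAM_NAME
  puts "SESSION_SECRET=#{generate_session_secret}" # line to place in .env
end
```

Calling `session_secret_problems(ENV['SESSION_SECRET'])` before the `use Rack::Session::Cookie` line makes a weak value fail at startup instead of silently protecting sessions with a guessable key.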

marianogg9 commented 10 years ago

Thanks @damm. Seems like I'm facing another issue now, I've opened another thread (https://github.com/obfuscurity/descartes/issues/153). One last thing, are the .env and config.ru correct? Thanks!

obfuscurity commented 9 years ago

Man I just realized how badly I want this since a) Google deprecated new registrations for OpenID 2.0 and b) GitHub changed their OAuth too. IOW, neither OAUTH mech works for new deployments. :sob: