ditkrg/rswag
5
0
Fork 0
mirror of https://github.com/ditkrg/rswag.git synced 2026-01-25 15:22:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: Scope auth to swagger endpoints

Browse Source
This commit is contained in:
Austin Kabiru
2018-12-03 11:02:57 +03:00
parent 875bbfa04b
commit 529cfae73e
4 changed files with 124 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
rswag-ui/lib/rswag/ui/configuration.rb
View File

@@ -1,4 +1,5 @@
require 'ostruct'
require 'rack'
module Rswag
module Ui

26
rswag-ui/lib/rswag/ui/engine.rb
View File

@@ -1,5 +1,29 @@
require 'rswag/ui/middleware'
class UiBasicAuth < ::Rack::Auth::Basic
def call(env)
return @app.call(env) unless env_matching_path
super(env)
end
private
def env_matching_path
swagger_endpoints = Rswag::Ui.config.swagger_endpoints[:urls]
swagger_endpoints.find do |endpoint|
base_path = base_path(endpoint[:url])
env_base_path = base_path(env['PATH_INFO'])
base_path == env_base_path
end
end
def base_path(url)
url.downcase.split('/')[1]
end
end
module Rswag
module Ui
class Engine < ::Rails::Engine
@@ -10,7 +34,7 @@ module Rswag
if Rswag::Ui.config.basic_auth_enabled
c = Rswag::Ui.config
app.middleware.use ::Rack::Auth::Basic do |username, password|
app.middleware.use UiBasicAuth do |username, password|
c.config_object[:basic_auth].values == [username, password]
end
end