add ENV to filter authorized users

2021-05-03 18:10:46 +02:00
parent 1533f539da
commit bb6b5e3362
3 changed files with 8 additions and 0 deletions
--- a/.env.example
+++ b/.env.example
@@ -11,3 +11,5 @@ DATABASE_PORT=5432
 REDIS_URL=

 SENTRY_DSN=
+
+ALLOWED_BNET_USERS="User#1234,User#5678"
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -11,6 +11,11 @@ module Users
      @user = User.from_omniauth(request.env['omniauth.auth'])

      if @user.persisted?
+        unless ENV['ALLOWED_BNET_USERS'].split(',').include?(@user.battletag)
+          set_flash_message(:alert, :not_authorized)
+          redirect_to root_path
+          return
+        end
        sign_in_and_redirect @user, event: :authentication
        WowCharactersWorker.perform_async(@user.id)
        WowMountsCollectionWorker.perform_async(@user.id)
--- a/config/locales/devise.en-gb.yml
+++ b/config/locales/devise.en-gb.yml
@@ -30,6 +30,7 @@ en-gb:
    omniauth_callbacks:
      failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
      success: "Successfully authenticated from %{kind} account."
+      not_authorized: "Your Bnet account is not authorized to use this app"
    passwords:
      no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
      send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."