From bb6b5e336262bc170b0265b361dce74185338a35 Mon Sep 17 00:00:00 2001
From: Etienne Ischer
Date: Mon, 3 May 2021 18:10:46 +0200
Subject: [PATCH] add ENV to filter authorized users
---
 .env.example | 2 ++
 app/controllers/users/omniauth_callbacks_controller.rb | 5 +++++
 config/locales/devise.en-gb.yml | 1 +
 3 files changed, 8 insertions(+)
diff --git a/.env.example b/.env.example
index 81ab39f..2ed9080 100644
--- a/.env.example
+++ b/.env.example
@@ -11,3 +11,5 @@ DATABASE_PORT=5432
 REDIS_URL=
 SENTRY_DSN=
+
+ALLOWED_BNET_USERS="User#1234,User#5678"
diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
index 3c14bff..dbc36c0 100644
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -11,6 +11,11 @@ module Users
 @user = User.from_omniauth(request.env['omniauth.auth'])
 if @user.persisted?
+ unless ENV['ALLOWED_BNET_USERS'].split(',').include?(@user.battletag)
+ set_flash_message(:alert, :not_authorized)
+ redirect_to root_path
+ return
+ end
 sign_in_and_redirect @user, event: :authentication
 WowCharactersWorker.perform_async(@user.id)
 WowMountsCollectionWorker.perform_async(@user.id)
diff --git a/config/locales/devise.en-gb.yml b/config/locales/devise.en-gb.yml
index 946199e..240af88 100644
--- a/config/locales/devise.en-gb.yml
+++ b/config/locales/devise.en-gb.yml
@@ -30,6 +30,7 @@ en-gb:
 omniauth_callbacks:
 failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
 success: "Successfully authenticated from %{kind} account."
+ not_authorized: "Your Bnet account is not authorized to use this app"
 passwords:
 no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
 send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
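Review bot: The example value depends on its double quotes, because many .env loaders treat an unquoted `#` as the start of a comment and would cut `User#1234` down to `User`; a comment above the line would save operators from that, e.g. `# Comma-separated BattleTags allowed to sign in; keep the quotes because of the '#'`. Which loader this project uses is not visible here, so confirm the behaviour before wording the comment.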
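Review bot: `ENV['ALLOWED_BNET_USERS'].split(',')` in the added `unless` raises NoMethodError when the variable is unset, so a deployment that misses the new setting answers every callback with a 500 instead of a clean denial, and an entry written with a space after the comma never matches. Reading the list as `ENV.fetch('ALLOWED_BNET_USERS', '').split(',').map(&:strip)` keeps the gate fail-closed and tolerant of spacing. The check also sits inside `if @user.persisted?`, after `User.from_omniauth` has run; if that method creates the record (its body is not in this hunk), rejected accounts still leave a user row behind, so the allowlist test would be better applied to the auth hash before the lookup. The list is keyed on the BattleTag, which Battle.net lets the account holder change; the provider's account id, if the auth hash exposes it, would be a more stable key. The action's `def` line and its `else` branch are outside the hunk.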