开发模式下的密码保护 Mongrel

发布于 2024-10-25 05:20:51 字数 448 浏览 2 评论 0原文

我有一个客户担心有人可能会发现我们开发服务器的 IP 并试图在我们发布新功能之前窃取它们。 (因为我们有外部链接和嵌入,所以可以在测试时进行回溯)。我一直在寻找一种仅在开发模式下使用密码保护服务器的方法(我不想在每次部署之前都更改代码)。我正在考虑通过控制器进行超级基本身份验证,例如:

if RAILS_ENV == "development"
  collect = require_password #some action or method or something here... Figure it out later...
  if collect != "foobar"
    redirect_to "http://www.google.com"
  end
end

我觉得这是一种奇怪的愚蠢方式,但是,这并不是我们需要史诗般的安全性,只是为了让那些可能在开发模式下偶然发现网站的人感到困惑。

I have a client who is concerned that someone may discover the IP of our development server and attempt to steal new features before we release them. (Because we have external links and embeds, it is possible to track back while testing). I was looking for a way to password protect the server ONLY in development mode (I don't want to have to change code before every deployment). I was thinking of doing super basic authentication through a controller like:

if RAILS_ENV == "development"
  collect = require_password #some action or method or something here... Figure it out later...
  if collect != "foobar"
    redirect_to "http://www.google.com"
  end
end

I feel like this is an oddly stupid way of doing this, however, it's not like we need epic security, just something to fumble people who might stumble across the site in development mode.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

倒数 2024-11-01 05:20:51

在您的控制器中添加以下行

  USER_NAME, PASSWORD = "user", "password"
  before_filter :authenticate_testing

before_filter 的代码如下所示

 def authenticate_testing
   if Rails.env.development?
    authenticate_or_request_with_http_basic do |user_name, password|
      user_name == USER_NAME && password == PASSWORD
    end
   end
 end

In your controller add the following lines

  USER_NAME, PASSWORD = "user", "password"
  before_filter :authenticate_testing

The code for before_filter looks like this

 def authenticate_testing
   if Rails.env.development?
    authenticate_or_request_with_http_basic do |user_name, password|
      user_name == USER_NAME && password == PASSWORD
    end
   end
 end
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文