Add basic auth

For now this uses the SUPPORT_USERNAME/PASSWORD env vars.
DFE-Digital · Jul 12, 2023 · 00456e4 · 00456e4
1 parent a5f0b4d
commit 00456e4
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 2 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,3 +1,18 @@
 class ApplicationController < ActionController::Base
   default_form_builder(GOVUKDesignSystemFormBuilder::FormBuilder)
+
+  before_action :authenticate
+
+  def authenticate
+    valid_credentials = [
+      {
+        username: ENV.fetch("SUPPORT_USERNAME", "support"),
+        password: ENV.fetch("SUPPORT_PASSWORD", "support"),
+      },
+    ]
+
+    authenticate_or_request_with_http_basic do |username, password|
+      valid_credentials.include?({ username:, password: })
+    end
+  end
 end
diff --git a/spec/requests/pages_spec.rb b/spec/requests/pages_spec.rb
@@ -2,9 +2,23 @@
 
 RSpec.describe "Pages", type: :request do
   describe "GET /home" do
-    it "returns http success" do
+    it "requires authentication" do
       get "/"
-      expect(response).to have_http_status(:success)
+      expect(response).to have_http_status(:unauthorized)
+    end
+
+    context "with valid basic auth credentials" do
+      let(:credentials) do
+        ActionController::HttpAuthentication::Basic.encode_credentials(
+          ENV.fetch("SUPPORT_USERNAME", "support"),
+          ENV.fetch("SUPPORT_PASSWORD", "support")
+        )
+      end
+
+      it "returns http success" do
+        get "/", env: { "HTTP_AUTHORIZATION" => credentials }
+        expect(response).to have_http_status(:success)
+      end
     end
   end
 end