如何使用密码保护我的/sidekiq 路由(即需要对 Sidekiq::Web 工具进行身份验证)? [英] How can I password-protect my /sidekiq route (i.e. require authentication for the Sidekiq::Web tool)?
本文介绍了如何使用密码保护我的/sidekiq 路由(即需要对 Sidekiq::Web 工具进行身份验证)?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在 Rails 应用程序中使用 sidekiq.默认情况下,任何人都可以通过在 url 后附加/sidekiq"来访问 Sidekiq.我只想密码保护/验证 sidekiq 部分.我该怎么做?
I am using sidekiq in my rails application. By Default, Sidekiq can be accessed by anybody by appending "/sidekiq" after the url. I want to password protect / authenticate only the sidekiq part. How can i do that?
推荐答案
将以下内容放入您的 sidekiq 初始化程序
Put the following into your sidekiq initializer
require 'sidekiq'
require 'sidekiq/web'
Sidekiq::Web.use(Rack::Auth::Basic) do |user, password|
# Protect against timing attacks:
# - See https://codahale.com/a-lesson-in-timing-attacks/
# - See https://thisdata.com/blog/timing-attacks-against-string-comparison/
# - Use & (do not use &&) so that it doesn't short circuit.
# - Use digests to stop length information leaking
Rack::Utils.secure_compare(::Digest::SHA256.hexdigest(user), ::Digest::SHA256.hexdigest(ENV["SIDEKIQ_USER"])) &
Rack::Utils.secure_compare(::Digest::SHA256.hexdigest(password), ::Digest::SHA256.hexdigest(ENV["SIDEKIQ_PASSWORD"]))
end
在路由文件中:
mount Sidekiq::Web => '/sidekiq'
这篇关于如何使用密码保护我的/sidekiq 路由(即需要对 Sidekiq::Web 工具进行身份验证)?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
