diff options
Diffstat (limited to 'app/controllers/admin_controller.rb')
| -rw-r--r-- | app/controllers/admin_controller.rb | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index 004d460c5..8598091d9 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -10,7 +10,7 @@ require 'fileutils' class AdminController < ApplicationController layout "admin" - before_filter :assign_http_auth_user + before_filter :authenticate protect_from_forgery # See ActionController::RequestForgeryProtection for details # action to take if expecting an authenticity token and one isn't received @@ -44,5 +44,15 @@ class AdminController < ApplicationController expire_for_request(info_request) end end + private + def authenticate + username = MySociety::Config.get('ADMIN_USERNAME', '') + password = MySociety::Config.get('ADMIN_PASSWORD', '') + if !(username && password).empty? + authenticate_or_request_with_http_basic do |user_name, password| + user_name == username && password == password + end + end + end end |