2018-12-12 19:06:48 -05:00
|
|
|
# The base class for all Active Mailbox ingress controllers.
|
2018-10-06 22:02:08 -04:00
|
|
|
class ActionMailbox::BaseController < ActionController::Base
|
|
|
|
skip_forgery_protection
|
|
|
|
|
2018-11-05 12:39:37 -05:00
|
|
|
def self.prepare
|
|
|
|
# Override in concrete controllers to run code on load.
|
|
|
|
end
|
|
|
|
|
2018-11-05 09:11:01 -05:00
|
|
|
before_action :ensure_configured
|
|
|
|
|
2018-10-06 22:02:08 -04:00
|
|
|
private
|
2018-11-05 09:11:01 -05:00
|
|
|
def ensure_configured
|
|
|
|
unless ActionMailbox.ingress == ingress_name
|
|
|
|
head :not_found
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def ingress_name
|
2018-12-13 10:05:53 -05:00
|
|
|
self.class.name.remove(/\AActionMailbox::Ingresses::/, /::InboundEmailsController\z/).underscore.to_sym
|
2018-11-05 09:11:01 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
def authenticate_by_password
|
|
|
|
if password.present?
|
|
|
|
http_basic_authenticate_or_request_with username: "actionmailbox", password: password, realm: "Action Mailbox"
|
2018-10-29 13:45:24 -04:00
|
|
|
else
|
|
|
|
raise ArgumentError, "Missing required ingress credentials"
|
2018-10-06 22:02:08 -04:00
|
|
|
end
|
|
|
|
end
|
2018-10-29 14:19:46 -04:00
|
|
|
|
2018-11-05 09:11:01 -05:00
|
|
|
def password
|
|
|
|
Rails.application.credentials.dig(:action_mailbox, :ingress_password) || ENV["RAILS_INBOUND_EMAIL_PASSWORD"]
|
|
|
|
end
|
|
|
|
|
|
|
|
|
2018-10-29 14:19:46 -04:00
|
|
|
# TODO: Extract to ActionController::HttpAuthentication
|
|
|
|
def http_basic_authenticate_or_request_with(username:, password:, realm: nil)
|
|
|
|
authenticate_or_request_with_http_basic(realm || "Application") do |given_username, given_password|
|
|
|
|
ActiveSupport::SecurityUtils.secure_compare(given_username, username) &
|
|
|
|
ActiveSupport::SecurityUtils.secure_compare(given_password, password)
|
|
|
|
end
|
|
|
|
end
|
2018-10-06 22:02:08 -04:00
|
|
|
end
|