Use Rails credentials for dashboard

pawurb · Jan 4, 2025 · 1a0ad2d · 1a0ad2d
1 parent 2249498
commit 1a0ad2d
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -135,7 +135,7 @@ You can enable UI using a Rails engine by adding the following code in `config/r
   mount RailsPgExtras::Web::Engine, at: 'pg_extras'
 ```
 
-You can enable HTTP basic auth by specifying `RAILS_PG_EXTRAS_USER` and `RAILS_PG_EXTRAS_PASSWORD` variables. Authentication is mandatory unless you specify `RAILS_PG_EXTRAS_PUBLIC_DASHBOARD=true` or setting `RailsPgExtras.configuration.public_dashboard` to `true`.
+You can enable HTTP basic auth by specifying `Rails.application.credentials.pg_extras.user` (or `RAILS_PG_EXTRAS_USER`) and `Rails.application.credentials.pg_extras.user` (or `RAILS_PG_EXTRAS_PASSWORD`) values. Authentication is mandatory unless you specify `RAILS_PG_EXTRAS_PUBLIC_DASHBOARD=true` or set `RailsPgExtras.configuration.public_dashboard = true`.
 
 You can configure available web actions in `config/initializers/rails_pg_extras.rb`:
 

diff --git a/app/controllers/rails_pg_extras/web/application_controller.rb b/app/controllers/rails_pg_extras/web/application_controller.rb
@@ -14,14 +14,27 @@ class ApplicationController < ActionController::Base
 
     ACTIONS = %i[kill_all pg_stat_statements_reset add_extensions]
 
-    if ENV["RAILS_PG_EXTRAS_USER"].present? && ENV["RAILS_PG_EXTRAS_PASSWORD"].present?
-      http_basic_authenticate_with name: ENV.fetch("RAILS_PG_EXTRAS_USER"), password: ENV.fetch("RAILS_PG_EXTRAS_PASSWORD")
+    user = get_user
+    password = get_password
+
+    if user.present? && password.present?
+      http_basic_authenticate_with name: user, password: password
     end
 
     def validate_credentials!
-      if (ENV["RAILS_PG_EXTRAS_USER"].blank? || ENV["RAILS_PG_EXTRAS_PASSWORD"].blank?) && !RailsPgExtras.configuration.public_dashboard
+      if (get_user.blank? || get_password.blank?) && RailsPgExtras.configuration.public_dashboard != true
         raise "Missing credentials for rails-pg-extras dashboard! If you want to enable public dashboard please set RAILS_PG_EXTRAS_PUBLIC_DASHBOARD=true"
       end
     end
+
+    private
+
+    def get_user
+      Rails.application.try(:credentials).try(:pg_extras).try(:user) || ENV["RAILS_PG_EXTRAS_USER"]
+    end
+
+    def get_password
+      Rails.application.try(:credentials).try(:pg_extras).try(:password) || ENV["RAILS_PG_EXTRAS_PASSWORD"]
+    end
   end
 end
diff --git a/lib/rails_pg_extras/version.rb b/lib/rails_pg_extras/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module RailsPgExtras
-  VERSION = "5.4.5"
+  VERSION = "5.5.0"
 end