Comments (6)
from rails-template.
I wonder whether it would be best to default to having HTTP basic auth turned on for all uat/staging/prod envs? It seems bit safer. What do y'all reckon?
from rails-template.
@eoinkelly do you have some ideas about how we might do that? I've intentionally structured the code in #35 to always apply if there is a basic auth username and password present, so without those I'm unsure how we'd have the auth on by default.
I'm keen to avoid a Rails.env check to determine whether basic auth is enabled or not, since I've found it useful to be able to toggle off and on just with environment variables.
from rails-template.
Could we prompt the user for a username and password as part of the template setup?
from rails-template.
Actually looking at PR #35 I think that what you have is good.
from rails-template.
Closed by 0661daf
from rails-template.
Related Issues (20)
- Upgrade aws-actions/configure-aws-credentials to latest version
- Move from SASS `@import` to `@use`
- Let's add `erblint`
- Disable Rails/SquishedSQLHeredocs rubocop by default
- Remove before_fork, on_worker_boot callbacks from puma config if they are no longer required
- Support Rails 7.1 HOT 2
- Consider using msgpack serialiser
- Rails 7.1 generates Dockerfile by default - integrate it into our Dockerfile HOT 1
- Consider replacing sprockets with propshaft HOT 2
- Discuss adopting Rails 7.1+ config.application_controller.raise_on_missing_callback_actions HOT 2
- Support "documents" as assets out of the box HOT 1
- Use `always` for `SelfClosingTag` in erb-lint HOT 2
- Consider adding TestProf
- Check our parameter sanitisation and filtering for logging & sentry HOT 1
- Move off `axe-matchers`
- Can we make the session cookie SameSite=Strict (currently defaulting to SameSite=Lax)? HOT 1
- Do we want ci to copy example.env instead of having its own list of env vars HOT 1
- Devise variant is consistently failing lighthouse accessibility audit
- Consider setting `action_on_unpermitted_parameters` to `:raise` in development and/or test HOT 1
- Explore moving from devise to Rails 8 authentication generator
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rails-template.