Secure faye publishing

2014-08-29 16:37:15 +02:00
parent ee603bdf28
commit afc604bb69
4 changed files with 6 additions and 6 deletions
@@ -1,12 +1,12 @@
 require 'faye'
+require 'pry'
 #require File.expand_path('../config/initializers/faye_token.rb', __FILE__)
 setproctitle('mozo_faye') if respond_to?(:setproctitle)
+VALID_TOKENS = ['6be65f9b5e7d21b8ca8de4ccfad5ba24cf40d440b370af79']
 class ServerAuth
  def incoming(message, callback)
    if message['channel'] !~ %r{^/meta/}
-      if false && message['ext']['auth_token'] != FAYE_TOKEN
-        message['error'] = 'Invalid authentication token'
-      end
+      message['error'] = 'Invalid authentication token' unless message['ext'] && VALID_TOKENS.include?(message['ext']['auth_token'])
    end
    callback.call(message)
  end