You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Feb 1, 2023. It is now read-only.
Create a new config file, ./src/config/ah-resque-ui.ts
constnamespace="ah-resque-ui";declare module "actionhero"{exportinterfaceActionheroConfigInterface{[namespace]: ReturnType<typeofDEFAULT[typeofnamespace]>;}}exportconstDEFAULT={[namespace]: ()=>{return{// the name of the middleware(s) which will protect all actions in this plugin// ie middleware: ['logged-in-session', 'role-admin']middleware: []asstring[],};},};
visit https://localhost:8080/resque
Routes
This plugin will inject routes into your application. The routes are equivalent to:
This package exposes some potentially dangerous actions which would allow folks to see user data (if you keep such in your task params), and modify your task queues. To protect these actions, you should configure this package to use action middleware which would restrict these actions to only certain clients.
The most basic middleware would be one to enforce a Basic Auth Password:
npm install basic-auth --save
// File: src/initializers/basic-auth-middleware.jsimport{Initializer,api,action}from"actionhero";importauthfrom"basic-auth";exportclassBasicAuthInitializerextendsInitializer{constructor(){super();this.name="basic-auth";}asyncinitialize(){constcorrectPassword=process.env.BASIC_AUTH_PASSWORD;constmiddleware={name: "basic-auth",global: false,priority: 1000,preProcessor: (data)=>{if(!correctPassword){throw"basic auth password not set up in BASIC_AUTH_PASSWORD env";}const{ res, req }=connection.rawConnection;constcredentials=auth(req);if(!credentials||credentials.pass!==correctPassword){res.statusCode=401;res.setHeader("WWW-Authenticate",'Basic realm="Admin Access"');res.end("Access denied");data.toRender=false;}},};action.addMiddleware(middleware);}}
Now you can apply the basic-auth middleware to your actions to protect them.
To inform ah-resque-ui to use a middleware determined elsewhere like this, set api.config.ah-resque-ui.middleware = ['basic-auth'] in the provided configuration file.
Testing & Developing
You will need 2 terminals:
Start the actionhero server
npm run dev
In another shell, run the webpack to regenerate your changes
npm run ui:watch
Now visit https://localhost:8080/resque in your browser
