I can't log in on Heroku when I introduce Basic authentication.

スクリーンショット 2020-11-04 17.42.50.png

background

I want to introduce Basic authentication and provide the minimum required security. I have introduced it twice in the past as a practice of Basic authentication, and at that time it was smooth, so I wanted to introduce it this time as well. However, when I actually installed it, although it worked normally in the local environment and I could log in, it was played even with the correct user name and password in the production environment.

What went

First, to check the current situation, I checked again how it would be displayed on git push heroku master.

% git push heroku master
Everything up-to-date

Since everything is up to date, I hypothesized that I had committed on github or executed a command such as git push heroku master before setting the environment variables. After making an empty commit, I thought I needed to do git push heroku master again, so I ran it.

% git commit --allow-empty -m "Commit name"

% git push heroku master
But I couldn't log in.

Cause

The description in private described in application_controller.rb did not match the name of the environment variable provided on heroku.

app/controllers/application_controller.rb


  def basic_auth
    authenticate_or_request_with_http_basic do |username, password|
      username == ENV["BASIC_AUTH_USER"] && password == ENV["BASIC_AUTH_PASSWORD"]
    end
  end
% heroku config

===App name Config Vars
BASIC_AUTH_PASSWORD:      *****
BASIC_AUTH_USERNAME:      *****

approach

You can change it to the same name so that both environment variables are linked. In this case, if you unify it to USERNAME or USER and upload it to Heroku, you can log in normally.

Recommended Posts

I can't log in on Heroku when I introduce Basic authentication.
Introduce Rails/Basic authentication on Heroku.
I can't log in to MySQL from Django when using docker-compose
Introducing Basic Authentication on Heroku [Spring Framework]
I can't overwrite information on columns in rails console ...
How to introduce Basic authentication
Implement Basic authentication in Java
[Rails] I can post S3 images in my local environment, but I can't switch to S3 on Heroku.
I want to display background-ground-image on heroku.
I can't install rails on my mac