From c8ad6e4cee134306c599885149a40803365be402 Mon Sep 17 00:00:00 2001
From: Simon Mayer <simon.mayer@onb.ac.at>
Date: Wed, 14 Sep 2022 16:26:50 +0200
Subject: [PATCH] Add environment variable queries for action_cable_url,
 redirect_url, private_key (for authentication) and removed old credentials
 file

---
 app/controllers/concerns/authentication.rb | 3 +--
 app/controllers/dataset_controller.rb      | 6 +++---
 config/credentials.yml.enc                 | 1 -
 config/environments/development.rb         | 2 +-
 4 files changed, 5 insertions(+), 7 deletions(-)
 delete mode 100644 config/credentials.yml.enc

diff --git a/app/controllers/concerns/authentication.rb b/app/controllers/concerns/authentication.rb
index 9694605..a64e42a 100644
--- a/app/controllers/concerns/authentication.rb
+++ b/app/controllers/concerns/authentication.rb
@@ -41,8 +41,7 @@ module Authentication
   end
 
   def decrypt_header(token)
-    # TODO: store private key somewhere
-    private_key = "OFE_GQ8Ri8MX-0rH_T0e9ZFIhy-q0n2VxBWPoOyJ1I0="
+    private_key = ENV['NEP_AUTH_PRIVATE_KEY'] || "OFE_GQ8Ri8MX-0rH_T0e9ZFIhy-q0n2VxBWPoOyJ1I0="
     unpacked_key = Base64.urlsafe_decode64(private_key)
     signing_key = unpacked_key[0..15]
     encryption_key = unpacked_key[16..32]
diff --git a/app/controllers/dataset_controller.rb b/app/controllers/dataset_controller.rb
index 63b89aa..4675069 100644
--- a/app/controllers/dataset_controller.rb
+++ b/app/controllers/dataset_controller.rb
@@ -156,11 +156,11 @@ class DatasetController < ApplicationController
 
   def remove_selected_documents
     @nb_removed_docs = params[:documents_ids].size
-    # puts "Remove selected documents called, session has working dataset with id " + String(session[:working_dataset])
     dataset = Dataset.find(session[:working_dataset])
     dataset.remove_documents params[:documents_ids]
-    # puts request.host, request.port, request.url, request.original_fullpath
-    redirect_to "http://127.0.0.1:8001/en/tool/newspapers-platform/dataset/#{dataset.id}", id: dataset.id
+    redirect_url = ENV['NEP_REDIRECT_URL'] || 'http://127.0.0.1:8001/en/tool/newspapers-platform'
+    puts redirect_url
+    redirect_to redirect_url + "/dataset/#{dataset.id}", id: dataset.id
   end
 
   def add_all_documents
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
deleted file mode 100644
index 9342462..0000000
--- a/config/credentials.yml.enc
+++ /dev/null
@@ -1 +0,0 @@
-GuFP+gXR5rvGVfgEYis0v/Rw/zXs4gnzV7WbFKql5Aau62F+BA/erMRTlm5iqNkcOW9WP4TNQiVraHKtVoGny9FAt7mcSI5h9oBz+TmV7WYJdm0aGv+D1MPxUZo9vXG/QQ3ESophQwXKUeMmw4WBtIt6v6zcCAVXTTWAZmLlYHRNxtoqM/ivDrWRT/CJugJMGjkzVNqfqgnSOQy5rC/SzStpthYm5YST+nR2+zedzir6XEiWyrQMy/0dMjxl+Mw7+vtXLGupdfpnJUdWu00YgoHJuHhs0opsUmLUA8lX2qTyDfIZfHgPoOhO86XXuzxlSNBJCh6NCg64DhCVdwZxks1ZUBqN/n/h7z46Wfjbc+mXE57LLRtQdW52wLZPNvfuxlaJOj3E1jhHzWBcrNwsOvBhOfLxhy9rFEZH--NwDMcOhk+Fv/AUWL--x0Lb5Ut4UAJoQ8K6rPDVbg==
\ No newline at end of file
diff --git a/config/environments/development.rb b/config/environments/development.rb
index b1fde8c..ffc7718 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -74,7 +74,7 @@ Rails.application.configure do
   config.file_watcher = ActiveSupport::EventedFileUpdateChecker
 
   # Allow Action Cable access from any origin.
-  config.action_cable.url = "http://127.0.0.1:3000/cable"
+  config.action_cable.url = ENV['NEP_CABLE_URL'] || "http://127.0.0.1:3000/cable"
   config.action_cable.disable_request_forgery_protection = true
   # Allow XHR/Ajax requests from different origin
   config.action_controller.forgery_protection_origin_check = false
-- 
GitLab