Skip to content

Add Cloudflare bot authorization#1424

Merged
ArtOfCode- merged 2 commits intodevelopfrom
art/cf-bot-auth
Oct 12, 2024
Merged

Add Cloudflare bot authorization#1424
ArtOfCode- merged 2 commits intodevelopfrom
art/cf-bot-auth

Conversation

@ArtOfCode-
Copy link
Member

@ArtOfCode- ArtOfCode- commented Oct 7, 2024

In mitigating for the incident over the weekend, I made the server simply ignore if it couldn't fetch other Codidact sites and move on. This has left us without a functioning communities list in the footer. This change adds an authorization header that Cloudflare should recognise and allow the request.

@ArtOfCode- ArtOfCode- requested a review from a team October 7, 2024 13:05
@trichoplax
Copy link
Contributor

trichoplax commented Oct 7, 2024

I'm not sure if communities.json is used anywhere else, but a recent pull request removed the list of communities from the footer, so it isn't needed for that purpose. This was #1402 and develop has been deployed since that was merged, so production is no longer displaying communities in the footer.

@cellio
Copy link
Member

cellio commented Oct 7, 2024

The community switcher also pulls a list of communities from somewhere, presumably here (but I haven't checked).

@ArtOfCode-
Copy link
Member Author

ArtOfCode- commented Oct 7, 2024

I can't say I know off the top of my head everywhere this is used, but seems sensible to restore it to working order until we can review properly whether it's still required.

@cellio
Copy link
Member

cellio commented Oct 9, 2024

Let's get this reviewed by someone more competent than I am. :-) How do we test it?

Oaphi
Oaphi approved these changes Oct 9, 2024
View reviewed changes
Copy link
Member

@Oaphi Oaphi left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. There might be other places we would want to cover, but let's get it out as soon as we can, there's always tomorrow to cover the rest.

config/initializers/zz_codidact_sites.rb
else
response = Net::HTTP.get_response(URI('https://codidact.com/communities.json'))
uri = URI('https://codidact.com/communities.json')
req = Net::HTTP::Get.new(uri)
Copy link
Member

@Oaphi Oaphi Oct 9, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's maybe take the opportunity and untie development from codidact being up by making this configurable and not hardcoded? Also makes sense if we ever switch domains or restructure. If I am able to get some time off for that, I can push here or barring that - separately.

@ArtOfCode- ArtOfCode- merged commit 9055afd into develop Oct 12, 2024
@ArtOfCode- ArtOfCode- deleted the art/cf-bot-auth branch October 12, 2024 11:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Oaphi Oaphi Oaphi approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ArtOfCode- @trichoplax @cellio @Oaphi