Authentication - TrestleAdmin/trestle GitHub Wiki

Authentication with trestle-auth

For authentication support, see the official trestle-auth plugin.

The trestle-auth plugin supports multiple users (either using a generated User model or bring your own), as well as niceties such as "remember me", user avatars and a customizable login page.

In future, trestle-auth will also add support for authorization (permissions).

HTTP Basic Authentication

If you do not need support for multiple users, you may prefer the simplicity of HTTP Basic Authentication.

Add the following to config/initializers/trestle.rb:

config.before_action do |controller|
  authenticate_or_request_with_http_basic(Trestle.config.site_title) do |name, password|
    ActiveSupport::SecurityUtils.variable_size_secure_compare(name, Rails.application.secrets.trestle_login) &
      ActiveSupport::SecurityUtils.variable_size_secure_compare(password, Rails.application.secrets.trestle_password)
  end
end

And add your login and password to your config/secrets.yml file:

development:
  secret_key_base: ...
  trestle_login: admin
  trestle_password: secret

Restart your Rails server and you should be prompted for your login details when you next access the admin.