app/controllers/concerns/requires_health_token.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

module RequiresHealthToken
  extend ActiveSupport::Concern
  included do
    before_action :validate_health_check_access!
  end

  private

  def validate_health_check_access!
    render_404 unless token_valid?
  end

  def token_valid?
    token = params[:token].presence || request.headers['TOKEN']
    token.present? &&
      ActiveSupport::SecurityUtils.variable_size_secure_compare(
        token,
        current_application_settings.health_check_access_token
      )
  end

  def render_404
    render file: Rails.root.join('public', '404'), layout: false, status: '404'
  end
end