Merge pull request #159 from DFE-Digital/signin-is-always-enabled

Signin is always enabled
DFE-Digital · Dec 7, 2023 · 20e2fb6 · 20e2fb6
2 parents 375e867 + 9978af4
commit 20e2fb6
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 4 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -60,6 +60,9 @@ RUN rm -rf node_modules log/* tmp/* /tmp && \
 # Build runtime image
 FROM ruby:3.2.2-alpine as production
 
+# Upgrade ssl, crypto and curl libraries to latest version
+RUN apk upgrade --no-cache openssl libssl3 libcrypto3 curl
+
 # The application runs from /app
 WORKDIR /app
 

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -3,8 +3,8 @@ class ApplicationController < ActionController::Base
   default_form_builder(GOVUKDesignSystemFormBuilder::FormBuilder)
 
   before_action :http_basic_authenticate, unless: -> { FeatureFlags::FeatureFlag.active?(:service_open) }
-  before_action :authenticate_dsi_user!, if: -> { FeatureFlags::FeatureFlag.active?(:service_open) }
-  before_action :handle_expired_session!, if: -> { FeatureFlags::FeatureFlag.active?(:service_open) }
+  before_action :authenticate_dsi_user!
+  before_action :handle_expired_session!
 
   def http_basic_authenticate
     valid_credentials = [

diff --git a/spec/requests/authentication_spec.rb b/spec/requests/authentication_spec.rb
@@ -15,9 +15,10 @@
         )
       end
 
-      it "returns http success" do
+      it "redirects to sign-in" do
         get "/", env: { "HTTP_AUTHORIZATION" => credentials }
-        expect(response).to have_http_status(:success)
+        expect(response).to have_http_status(:redirect)
+        expect(response).to redirect_to("/sign-in")
       end
     end
   end