This allows other sites in the openstreetmap.org domain to validate
that requests are coming from a www.openstreetmap.org user.
# Load geoip for querying Maxmind GeoIP database
gem "geoip"
+# Load rotp to generate TOTP tokens
+gem "rotp"
+
# Load memcache client in case we are using it
gem "dalli"
gem "kgio"
ref (2.0.0)
request_store (1.3.1)
rinku (2.0.2)
+ rotp (3.3.0)
rubocop (0.46.0)
parser (>= 2.3.1.1, < 3.0)
powerpack (~> 0.1)
rails-i18n (~> 4.0.0)
redcarpet
rinku (>= 1.2.2)
+ rotp
rubocop
sanitize
sass-rails (~> 5.0)
unless STATUS == :database_readonly || STATUS == :database_offline
session[:location] ||= OSM.ip_location(request.env["REMOTE_ADDR"])
end
+
+ if defined?(TOTP_KEY)
+ cookies["_osm_totp_token"] = {
+ :value => ROTP::TOTP.new(TOTP_KEY, :interval => 3600).now,
+ :domain => ".openstreetmap.org",
+ :expires => 1.day.from_now
+ }
+ end
end
def permalink
#mapzen_valhalla_key: ""
# Thunderforest authentication details
#thunderforest_key: ""
+ # Key for generating TOTP tokens
+ #totp_key: ""
development:
<<: *defaults