Return force_ssl to the controller (#2380)

author: Matt Jankowski <mjankowski@thoughtbot.com> 2017-04-23 20:44:05 -0400
committer: Eugen <eugen@zeonfederated.com> 2017-04-24 02:44:05 +0200
commit: a0dd90a397648efafd5b2ff3383c1894ad5acac6 (patch)
tree: 6aac865e5b7153082d75c2070b6fe404b9821caf /app
parent: 1e2a5dded749649c3e8fe9e6dc6be5d516cca35a (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index ad2be71ee..291895457 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -5,6 +5,8 @@ class ApplicationController < ActionController::Base
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
 
+  force_ssl if: :https_enabled?
+
   include Localized
 
   helper_method :current_account
@@ -24,6 +26,10 @@ class ApplicationController < ActionController::Base
 
   private
 
+  def https_enabled?
+    Rails.env.production? && ENV['LOCAL_HTTPS'] == 'true'
+  end
+
   def store_current_location
     store_location_for(:user, request.url)
   end
author	Matt Jankowski <mjankowski@thoughtbot.com>	2017-04-23 20:44:05 -0400
committer	Eugen <eugen@zeonfederated.com>	2017-04-24 02:44:05 +0200
commit	a0dd90a397648efafd5b2ff3383c1894ad5acac6 (patch)
tree	6aac865e5b7153082d75c2070b6fe404b9821caf /app
parent	1e2a5dded749649c3e8fe9e6dc6be5d516cca35a (diff)