From c8621489c553d2c7ba64500fdf7511c19b36265f Mon Sep 17 00:00:00 2001
From: Echo
Date: Wed, 25 Jun 2025 18:48:12 -0400
Subject: [PATCH] add multisupport for RACK_ATTACK_BYPASS
---
 config/initializers/rack_attack.rb | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
index 068c92e..630ff05 100644
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -2,9 +2,21 @@ class Rack::Attack
 if ENV["RACK_ATTACK_BYPASS"].present?
+ begin
+ TOKENS = JSON.parse(ENV["RACK_ATTACK_BYPASS"])
+ unless TOKENS.is_a?(Array)
+ Rails.logger.warn "RACK_ATTACK_BYPASS should be a array, tf is this #{TOKENS.class}"
+ TOKENS = []
+ end
+ rescue JSON::ParserError => e
+ Rails.logger.error "RACK_ATTACK_BYPASS failed to read, you fucked it up #{e.message}"
+ TOKENS = []
+ end
+
 Rack::Attack.safelist("mark any authenticated access safe") do |request|
 # Requests are allowed if the return value is truthy
- request.env["HTTP_RACK_ATTACK_BYPASS"] == ENV["RACK_ATTACK_BYPASS"]
+ bypass = request.env["HTTP_RACK_ATTACK_BYPASS"]
+ bypass.present? && TOKENS.include?(bypass)
 end
 end
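Review bot: The rescue branch interpolates `e.message` into the error log, and JSON::ParserError messages normally quote the text that failed to parse, so a deployment still carrying the old plain-string value of RACK_ATTACK_BYPASS would likely have its bypass secret written to the log when this initializer runs. Logging a fixed message avoids that, e.g. `Rails.logger.error "RACK_ATTACK_BYPASS is not valid JSON; no bypass tokens loaded"`. The membership test `TOKENS.include?(bypass)` is still a plain `==` comparison of a secret, as was the line it replaces; `TOKENS.any? { |t| ActiveSupport::SecurityUtils.secure_compare(t.to_s, bypass) }` would compare each token in constant time and tolerate non-string array elements. The enclosing `class Rack::Attack` body opens before the hunk and continues past it, so any other use of `TOKENS` is not visible here.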