Class: Stitches::ApiKey

Inherits:

WhitelistingMiddleware

• Object
• WhitelistingMiddleware
• Stitches::ApiKey

Defined in:

lib/stitches/api_key.rb

Overview

A middleware that requires an API key for certain transactions, and makes its id available in the enviornment for controllers.

This follows www.ietf.org/rfc/rfc2617.txt for use of custom authorization methods, namely the specification of an API key.

Apps are expected to set the Authorization header (available to Rack apps as the environment variable HTTP_AUTHORIZATION) to

MyInternalRealm key="" key>>

where MyInternalRealm is the value returned by Stitches.configuration.custom_http_auth_scheme and <<api key>> is the UUID provided to the caller. It’s expected that there is an entry in the API_CLIENTS table with this value for “key”.

If that is the case, env will be the primary key of the ApiClient that it maps to.

Defined Under Namespace

Classes: UnauthorizedResponse

Instance Method Summary

• #initialize(app, options = {}) ⇒ ApiKey constructor

  A new instance of ApiKey.

Methods inherited from WhitelistingMiddleware

#call

Constructor Details

#initialize(app, options = {}) ⇒ ApiKey

Returns a new instance of ApiKey.

# File 'lib/stitches/api_key.rb', line 23

def initialize(app,options = {})
  super(app,options)
  @realm = Rails.application.class.parent.to_s
end