apicasso 0.2.0 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7477dc97e3d73988a899cc2da5fb2c9df999c36b
|
|
4
|
+
data.tar.gz: 19a09019b0bdcefd37a1e14a1941960eb2193215
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9801cb5611575d417b32634d8a0357303375777df20898c1f6d2305baa1156123b23ce69a18ed0ce5e304267a97f1992a6a20f3745fb5a1f324ceca0dd64ad46
|
|
7
|
+
data.tar.gz: 5411d098d67a781576ac2493a7161851af530c4a9791f3e7ebd4767ce86f8bc7ee8727265a2ee3ead7ac62aacfc6a6ec3eb8e2a7615960c281d63b2d4eae8d8d
|
data/README.md
CHANGED
|
@@ -77,9 +77,9 @@ Everyone interacting in the APIcasso project’s codebases, issue trackers, chat
|
|
|
77
77
|
|
|
78
78
|
## TODO
|
|
79
79
|
|
|
80
|
-
- Abstract a configurable CORS approach.
|
|
80
|
+
- Abstract a configurable CORS approach, maybe using middleware.
|
|
81
81
|
- Add gem options like: Token rotation, Alternative authentication methods
|
|
82
|
-
-
|
|
82
|
+
- Add latest features into README: fieldset selection, grouping responses, infinite collections, auto-documentation
|
|
83
83
|
- Rate limiting
|
|
84
84
|
- Testing suite
|
|
85
85
|
- Travis CI
|
|
@@ -5,7 +5,7 @@ module Apicasso
|
|
|
5
5
|
# such as authentication and authorization
|
|
6
6
|
class ApplicationController < ActionController::API
|
|
7
7
|
include ActionController::HttpAuthentication::Token::ControllerMethods
|
|
8
|
-
prepend_before_action :restrict_access
|
|
8
|
+
prepend_before_action :restrict_access, unless: -> { preflight? }
|
|
9
9
|
after_action :register_api_request
|
|
10
10
|
|
|
11
11
|
# Sets the authorization scope for the current API key
|
|
@@ -25,7 +25,7 @@ module Apicasso
|
|
|
25
25
|
# Creates a request object in databse, registering the API key and
|
|
26
26
|
# a hash of the request and the response
|
|
27
27
|
def register_api_request
|
|
28
|
-
Apicasso::Request.delay.create(api_key_id: @api_key.id,
|
|
28
|
+
Apicasso::Request.delay.create(api_key_id: @api_key.try(:id),
|
|
29
29
|
object: { request: request_hash,
|
|
30
30
|
response: response_hash })
|
|
31
31
|
end
|
|
@@ -107,5 +107,10 @@ module Apicasso
|
|
|
107
107
|
response.headers['Access-Control-Allow-Headers'] = 'Origin, Content-Type, Accept, Authorization, Token, Auth-Token, Email, X-User-Token, X-User-Email'
|
|
108
108
|
response.headers['Access-Control-Max-Age'] = '1728000'
|
|
109
109
|
end
|
|
110
|
+
|
|
111
|
+
def preflight?
|
|
112
|
+
request.request_method == 'OPTIONS' &&
|
|
113
|
+
!request.env['Authorization'].present?
|
|
114
|
+
end
|
|
110
115
|
end
|
|
111
116
|
end
|
|
@@ -72,8 +72,12 @@ module Apicasso
|
|
|
72
72
|
# Will return a JSON with the schema of the current resource, using
|
|
73
73
|
# attribute names as keys and attirbute types as values.
|
|
74
74
|
def schema
|
|
75
|
-
|
|
76
|
-
|
|
75
|
+
if preflight?
|
|
76
|
+
set_access_control_headers
|
|
77
|
+
head :no_content
|
|
78
|
+
else
|
|
79
|
+
render json: resource_schema.to_json
|
|
80
|
+
end
|
|
77
81
|
end
|
|
78
82
|
|
|
79
83
|
private
|
data/lib/apicasso/version.rb
CHANGED