apicasso 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7477dc97e3d73988a899cc2da5fb2c9df999c36b
|
|
4
|
+
data.tar.gz: 19a09019b0bdcefd37a1e14a1941960eb2193215
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9801cb5611575d417b32634d8a0357303375777df20898c1f6d2305baa1156123b23ce69a18ed0ce5e304267a97f1992a6a20f3745fb5a1f324ceca0dd64ad46
|
|
7
|
+
data.tar.gz: 5411d098d67a781576ac2493a7161851af530c4a9791f3e7ebd4767ce86f8bc7ee8727265a2ee3ead7ac62aacfc6a6ec3eb8e2a7615960c281d63b2d4eae8d8d
|
data/README.md
CHANGED
|
@@ -77,9 +77,9 @@ Everyone interacting in the APIcasso project’s codebases, issue trackers, chat
|
|
|
77
77
|
|
|
78
78
|
## TODO
|
|
79
79
|
|
|
80
|
-
- Abstract a configurable CORS approach.
|
|
80
|
+
- Abstract a configurable CORS approach, maybe using middleware.
|
|
81
81
|
- Add gem options like: Token rotation, Alternative authentication methods
|
|
82
|
-
-
|
|
82
|
+
- Add latest features into README: fieldset selection, grouping responses, infinite collections, auto-documentation
|
|
83
83
|
- Rate limiting
|
|
84
84
|
- Testing suite
|
|
85
85
|
- Travis CI
|
|
@@ -5,7 +5,7 @@ module Apicasso
|
|
|
5
5
|
# such as authentication and authorization
|
|
6
6
|
class ApplicationController < ActionController::API
|
|
7
7
|
include ActionController::HttpAuthentication::Token::ControllerMethods
|
|
8
|
-
prepend_before_action :restrict_access
|
|
8
|
+
prepend_before_action :restrict_access, unless: -> { preflight? }
|
|
9
9
|
after_action :register_api_request
|
|
10
10
|
|
|
11
11
|
# Sets the authorization scope for the current API key
|
|
@@ -25,7 +25,7 @@ module Apicasso
|
|
|
25
25
|
# Creates a request object in databse, registering the API key and
|
|
26
26
|
# a hash of the request and the response
|
|
27
27
|
def register_api_request
|
|
28
|
-
Apicasso::Request.delay.create(api_key_id: @api_key.id,
|
|
28
|
+
Apicasso::Request.delay.create(api_key_id: @api_key.try(:id),
|
|
29
29
|
object: { request: request_hash,
|
|
30
30
|
response: response_hash })
|
|
31
31
|
end
|
|
@@ -107,5 +107,10 @@ module Apicasso
|
|
|
107
107
|
response.headers['Access-Control-Allow-Headers'] = 'Origin, Content-Type, Accept, Authorization, Token, Auth-Token, Email, X-User-Token, X-User-Email'
|
|
108
108
|
response.headers['Access-Control-Max-Age'] = '1728000'
|
|
109
109
|
end
|
|
110
|
+
|
|
111
|
+
def preflight?
|
|
112
|
+
request.request_method == 'OPTIONS' &&
|
|
113
|
+
!request.env['Authorization'].present?
|
|
114
|
+
end
|
|
110
115
|
end
|
|
111
116
|
end
|
|
@@ -72,8 +72,12 @@ module Apicasso
|
|
|
72
72
|
# Will return a JSON with the schema of the current resource, using
|
|
73
73
|
# attribute names as keys and attirbute types as values.
|
|
74
74
|
def schema
|
|
75
|
-
|
|
76
|
-
|
|
75
|
+
if preflight?
|
|
76
|
+
set_access_control_headers
|
|
77
|
+
head :no_content
|
|
78
|
+
else
|
|
79
|
+
render json: resource_schema.to_json
|
|
80
|
+
end
|
|
77
81
|
end
|
|
78
82
|
|
|
79
83
|
private
|
data/lib/apicasso/version.rb
CHANGED