blazer_json_api 0.1.3 → 0.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +14 -0
- data/app/controllers/blazer_json_api/application_controller.rb +0 -7
- data/lib/blazer_json_api/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b6fe3871a2a73e0d9ca277c700e7ec943bb20e1bc99efb484419d7b9df31207b
|
4
|
+
data.tar.gz: 179dddb823192971bd0c44e4ef6d69c1055a64814567daa5fb4e6044f1c303e1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 747f31b055917096f5e155bab0e9b4629a9a83ac1ca9978f70007831336ca7eac69848628a59fa9e957ec041864f9d052a2f9df618824b109b4f38f54f5eaa97
|
7
|
+
data.tar.gz: 34835c4db9ec8a8af5db3300cc8f21a18836b4b8251458ffa77b8f74bfcc82eadac5cd29b28131966721b788d87f0bacb6b0cb4f2c12cd992211cb6e9ad62682
|
data/README.md
CHANGED
@@ -32,6 +32,11 @@ And mount the engine in your `config/routes.rb`:
|
|
32
32
|
mount BlazerJsonAPI::Engine, at: 'blazer-api'
|
33
33
|
```
|
34
34
|
|
35
|
+
## Authentication
|
36
|
+
|
37
|
+
Don’t forget to protect your Blazer APIs in production.
|
38
|
+
|
39
|
+
### Basic authentication
|
35
40
|
Configure authentication in an initializer as follows (e.g. in `initializers/blazer_json_api.rb`)
|
36
41
|
|
37
42
|
```ruby
|
@@ -41,6 +46,15 @@ BlazerJsonAPI.configure do |config|
|
|
41
46
|
end
|
42
47
|
```
|
43
48
|
|
49
|
+
### Devise
|
50
|
+
Or alternatively, if you use devise, you can conditionally mount the engine using a policy or some user roles.
|
51
|
+
|
52
|
+
```ruby
|
53
|
+
authenticate :user, ->(user) { user.admin? } do
|
54
|
+
mount BlazerJsonAPI::Engine, at: 'blazer-api'
|
55
|
+
end
|
56
|
+
```
|
57
|
+
|
44
58
|
## Usage
|
45
59
|
Create queries as normal via Blazer and use the query identifier to render the JSON via the mounted location.
|
46
60
|
|
@@ -8,7 +8,6 @@ module BlazerJsonAPI
|
|
8
8
|
end
|
9
9
|
|
10
10
|
protect_from_forgery with: :exception
|
11
|
-
before_action :check_authentication
|
12
11
|
|
13
12
|
def record_not_found
|
14
13
|
render json: [], status: :not_found
|
@@ -17,11 +16,5 @@ module BlazerJsonAPI
|
|
17
16
|
def render_errors(error_messages, status: :bad_request)
|
18
17
|
render json: { errors: error_messages }, status: status
|
19
18
|
end
|
20
|
-
|
21
|
-
def check_authentication
|
22
|
-
return if BlazerJsonAPI.credentials_provided?
|
23
|
-
|
24
|
-
render_errors(['Authentication credentials not set'], status: :unauthorized)
|
25
|
-
end
|
26
19
|
end
|
27
20
|
end
|