blazer_json_api 0.1.3 → 0.1.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +14 -0
  3. data/app/controllers/blazer_json_api/application_controller.rb +0 -7
  4. data/lib/blazer_json_api/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dd329ef99930168a04d81e45b6c66b8dba865f624ae90c115d54822ba8638db8
4
- data.tar.gz: 0e16b3de5dc5f23ed9ea4b266a20d0341dccebb7a2c5cfe7f059f3058ede8926
3
+ metadata.gz: b6fe3871a2a73e0d9ca277c700e7ec943bb20e1bc99efb484419d7b9df31207b
4
+ data.tar.gz: 179dddb823192971bd0c44e4ef6d69c1055a64814567daa5fb4e6044f1c303e1
5
5
  SHA512:
6
- metadata.gz: d6d2f729fca9746581cc5184f02ad64fe96e028930fb3e7f4f9c49dc74870865c27c1d18f8f5d8be745404d2e227b917bb46abf6d1311537449bbb3fda9cd63e
7
- data.tar.gz: 14b0d4e8138fcdd12c9710f1db35570eb026c8c0bd2a722c666f0183b04673183439679efea599614079f716ecd1f4bd1e4c6e10c0458550a92c567cf390a0b5
6
+ metadata.gz: 747f31b055917096f5e155bab0e9b4629a9a83ac1ca9978f70007831336ca7eac69848628a59fa9e957ec041864f9d052a2f9df618824b109b4f38f54f5eaa97
7
+ data.tar.gz: 34835c4db9ec8a8af5db3300cc8f21a18836b4b8251458ffa77b8f74bfcc82eadac5cd29b28131966721b788d87f0bacb6b0cb4f2c12cd992211cb6e9ad62682
data/README.md CHANGED
@@ -32,6 +32,11 @@ And mount the engine in your `config/routes.rb`:
32
32
  mount BlazerJsonAPI::Engine, at: 'blazer-api'
33
33
  ```
34
34
 
35
+ ## Authentication
36
+
37
+ Don’t forget to protect your Blazer APIs in production.
38
+
39
+ ### Basic authentication
35
40
  Configure authentication in an initializer as follows (e.g. in `initializers/blazer_json_api.rb`)
36
41
 
37
42
  ```ruby
@@ -41,6 +46,15 @@ BlazerJsonAPI.configure do |config|
41
46
  end
42
47
  ```
43
48
 
49
+ ### Devise
50
+ Or alternatively, if you use devise, you can conditionally mount the engine using a policy or some user roles.
51
+
52
+ ```ruby
53
+ authenticate :user, ->(user) { user.admin? } do
54
+ mount BlazerJsonAPI::Engine, at: 'blazer-api'
55
+ end
56
+ ```
57
+
44
58
  ## Usage
45
59
  Create queries as normal via Blazer and use the query identifier to render the JSON via the mounted location.
46
60
 
data/app/controllers/blazer_json_api/application_controller.rb CHANGED
@@ -8,7 +8,6 @@ module BlazerJsonAPI
8
8
  end
9
9
 
10
10
  protect_from_forgery with: :exception
11
- before_action :check_authentication
12
11
 
13
12
  def record_not_found
14
13
  render json: [], status: :not_found
@@ -17,11 +16,5 @@ module BlazerJsonAPI
17
16
  def render_errors(error_messages, status: :bad_request)
18
17
  render json: { errors: error_messages }, status: status
19
18
  end
20
-
21
- def check_authentication
22
- return if BlazerJsonAPI.credentials_provided?
23
-
24
- render_errors(['Authentication credentials not set'], status: :unauthorized)
25
- end
26
19
  end
27
20
  end
data/lib/blazer_json_api/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module BlazerJsonAPI
4
- VERSION = '0.1.3'
4
+ VERSION = '0.1.4'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: blazer_json_api
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - John Farrell