blazer_json_api 0.1.3 → 0.1.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +14 -0
- data/app/controllers/blazer_json_api/application_controller.rb +0 -7
- data/lib/blazer_json_api/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b6fe3871a2a73e0d9ca277c700e7ec943bb20e1bc99efb484419d7b9df31207b
|
4
|
+
data.tar.gz: 179dddb823192971bd0c44e4ef6d69c1055a64814567daa5fb4e6044f1c303e1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 747f31b055917096f5e155bab0e9b4629a9a83ac1ca9978f70007831336ca7eac69848628a59fa9e957ec041864f9d052a2f9df618824b109b4f38f54f5eaa97
|
7
|
+
data.tar.gz: 34835c4db9ec8a8af5db3300cc8f21a18836b4b8251458ffa77b8f74bfcc82eadac5cd29b28131966721b788d87f0bacb6b0cb4f2c12cd992211cb6e9ad62682
|
data/README.md
CHANGED
@@ -32,6 +32,11 @@ And mount the engine in your `config/routes.rb`:
|
|
32
32
|
mount BlazerJsonAPI::Engine, at: 'blazer-api'
|
33
33
|
```
|
34
34
|
|
35
|
+
## Authentication
|
36
|
+
|
37
|
+
Don’t forget to protect your Blazer APIs in production.
|
38
|
+
|
39
|
+
### Basic authentication
|
35
40
|
Configure authentication in an initializer as follows (e.g. in `initializers/blazer_json_api.rb`)
|
36
41
|
|
37
42
|
```ruby
|
@@ -41,6 +46,15 @@ BlazerJsonAPI.configure do |config|
|
|
41
46
|
end
|
42
47
|
```
|
43
48
|
|
49
|
+
### Devise
|
50
|
+
Or alternatively, if you use devise, you can conditionally mount the engine using a policy or some user roles.
|
51
|
+
|
52
|
+
```ruby
|
53
|
+
authenticate :user, ->(user) { user.admin? } do
|
54
|
+
mount BlazerJsonAPI::Engine, at: 'blazer-api'
|
55
|
+
end
|
56
|
+
```
|
57
|
+
|
44
58
|
## Usage
|
45
59
|
Create queries as normal via Blazer and use the query identifier to render the JSON via the mounted location.
|
46
60
|
|
@@ -8,7 +8,6 @@ module BlazerJsonAPI
|
|
8
8
|
end
|
9
9
|
|
10
10
|
protect_from_forgery with: :exception
|
11
|
-
before_action :check_authentication
|
12
11
|
|
13
12
|
def record_not_found
|
14
13
|
render json: [], status: :not_found
|
@@ -17,11 +16,5 @@ module BlazerJsonAPI
|
|
17
16
|
def render_errors(error_messages, status: :bad_request)
|
18
17
|
render json: { errors: error_messages }, status: status
|
19
18
|
end
|
20
|
-
|
21
|
-
def check_authentication
|
22
|
-
return if BlazerJsonAPI.credentials_provided?
|
23
|
-
|
24
|
-
render_errors(['Authentication credentials not set'], status: :unauthorized)
|
25
|
-
end
|
26
19
|
end
|
27
20
|
end
|