rrx_api 0.1.0 → 8.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2c2ca699f1c99096a426dcddbf8a44befe271308ba55d0e006a021b7b1b55d82
-  data.tar.gz: 1a50a0b62160658bd5fa5926c9ec99fbb870798bf0e51819cb9d1ad8892d6122
+  metadata.gz: 704fe355ce80b8309eda6e6efe7ea7cf554a3a4925ba6877079a3083380227dd
+  data.tar.gz: 78e69441af925e8d2144d894c57668c133d3e80c67b4d2bd14bc4f84cb0d6a33
 SHA512:
-  metadata.gz: 47db15f33ce5a696f80b35a1b1fb60eddb20037c11bf1b2792acc63ae7ff7f852f82146386f04530ba2203ab34fdcb243fade3681b06eded984078dc73c92eab
-  data.tar.gz: 3bd316ff0e570750e5246cdb09fd15b6c2c9b101775c6d377db1cc4331b68fc858df8b73f4f164a23309c7db4961db3ce44488cea61f990d5d7fafcfe0146740
+  metadata.gz: d8fe108896f5647852a600926980dc037c4e9e564dceb7cb13ae5ff9f7917a21c7e88930537f2c440cc7f01938120fdfc0ed8c1defd60d62b312b2982316a3ba
+  data.tar.gz: 5045a736b9da7313a3993d8da3328408f10e0a7ec2ae1b1819dd252e3cd097b4fa01e30d3299a9f97b98c0f8415bd8f265ab6a1a53ee3501b36ffdb693ffd24a

data/.rspec

@@ -1 +1 @@
---require rails_helper
+--require spec_helper

data/Gemfile

@@ -3,7 +3,6 @@
 source "https://rubygems.org"
 gemspec
 
-gem 'sqlite3'
-
-gem 'rrx_dev', path: '~/dev/rrx/rrx_dev'
-gem 'rrx_logging', path: '~/dev/rrx/rrx_logging'
+PARENT_FOLDER = Pathname(__FILE__).parent.parent
+gem 'rrx_dev', path: PARENT_FOLDER.join('rrx_dev') if PARENT_FOLDER.join('rrx_dev').exist?
+gem 'rrx_logging', path: PARENT_FOLDER.join('rrx_logging') if PARENT_FOLDER.join('rrx_logging').exist?

data/Gemfile.lock

@@ -1,14 +1,15 @@
 PATH
   remote: ../rrx_dev
   specs:
-    rrx_dev (0.1.0)
+    rrx_dev (8.0.2)
       active_record_query_trace
-      activesupport (~> 7.1.0)
+      activesupport (~> 8.0.2)
       bootsnap
       debug
+      factory_bot
       factory_bot_rails
       listen
-      railties (~> 7.1.0)
+      railties (~> 8.0.2)
       rake (>= 13.0)
       rspec (>= 3.0)
       rspec-parameterized
@@ -22,125 +23,123 @@ PATH
 PATH
   remote: ../rrx_logging
   specs:
-    rrx_logging (0.1.0)
-      activesupport
-      railties
-      rrx_config
+    rrx_logging (8.0.2)
+      activesupport (~> 8.0.2)
+      railties (~> 8.0.2)
+      rrx_config (~> 8.0.2)
 
 PATH
   remote: .
   specs:
-    rrx_api (0.1.0)
+    rrx_api (8.0.2)
       actionpack-action_caching
       bootsnap
       faraday
       faraday_middleware
-      jbuilder
+      jbuilder (~> 2.13)
       kaminari
       puma
       rack-cors
-      rails (~> 7.0)
-      rails-healthcheck
-      rrx_config
-      rrx_logging
+      rails (~> 8.0.2)
+      rrx_config (~> 8.0.2)
+      rrx_logging (~> 8.0.2)
       rswag-api
       rswag-ui
+      thor
       tzinfo-data
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.1.2)
-      actionpack (= 7.1.2)
-      activesupport (= 7.1.2)
+    actioncable (8.0.2)
+      actionpack (= 8.0.2)
+      activesupport (= 8.0.2)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
       zeitwerk (~> 2.6)
-    actionmailbox (7.1.2)
-      actionpack (= 7.1.2)
-      activejob (= 7.1.2)
-      activerecord (= 7.1.2)
-      activestorage (= 7.1.2)
-      activesupport (= 7.1.2)
-      mail (>= 2.7.1)
-      net-imap
-      net-pop
-      net-smtp
-    actionmailer (7.1.2)
-      actionpack (= 7.1.2)
-      actionview (= 7.1.2)
-      activejob (= 7.1.2)
-      activesupport (= 7.1.2)
-      mail (~> 2.5, >= 2.5.4)
-      net-imap
-      net-pop
-      net-smtp
+    actionmailbox (8.0.2)
+      actionpack (= 8.0.2)
+      activejob (= 8.0.2)
+      activerecord (= 8.0.2)
+      activestorage (= 8.0.2)
+      activesupport (= 8.0.2)
+      mail (>= 2.8.0)
+    actionmailer (8.0.2)
+      actionpack (= 8.0.2)
+      actionview (= 8.0.2)
+      activejob (= 8.0.2)
+      activesupport (= 8.0.2)
+      mail (>= 2.8.0)
       rails-dom-testing (~> 2.2)
-    actionpack (7.1.2)
-      actionview (= 7.1.2)
-      activesupport (= 7.1.2)
+    actionpack (8.0.2)
+      actionview (= 8.0.2)
+      activesupport (= 8.0.2)
       nokogiri (>= 1.8.5)
-      racc
       rack (>= 2.2.4)
       rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
+      useragent (~> 0.16)
     actionpack-action_caching (1.2.2)
       actionpack (>= 4.0.0)
-    actiontext (7.1.2)
-      actionpack (= 7.1.2)
-      activerecord (= 7.1.2)
-      activestorage (= 7.1.2)
-      activesupport (= 7.1.2)
+    actiontext (8.0.2)
+      actionpack (= 8.0.2)
+      activerecord (= 8.0.2)
+      activestorage (= 8.0.2)
+      activesupport (= 8.0.2)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.1.2)
-      activesupport (= 7.1.2)
+    actionview (8.0.2)
+      activesupport (= 8.0.2)
       builder (~> 3.1)
       erubi (~> 1.11)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    active_record_query_trace (1.8.2)
+    active_record_query_trace (1.9)
       activerecord (>= 6.0.0)
-    activejob (7.1.2)
-      activesupport (= 7.1.2)
+    activejob (8.0.2)
+      activesupport (= 8.0.2)
       globalid (>= 0.3.6)
-    activemodel (7.1.2)
-      activesupport (= 7.1.2)
-    activerecord (7.1.2)
-      activemodel (= 7.1.2)
-      activesupport (= 7.1.2)
+    activemodel (8.0.2)
+      activesupport (= 8.0.2)
+    activerecord (8.0.2)
+      activemodel (= 8.0.2)
+      activesupport (= 8.0.2)
       timeout (>= 0.4.0)
-    activestorage (7.1.2)
-      actionpack (= 7.1.2)
-      activejob (= 7.1.2)
-      activerecord (= 7.1.2)
-      activesupport (= 7.1.2)
+    activestorage (8.0.2)
+      actionpack (= 8.0.2)
+      activejob (= 8.0.2)
+      activerecord (= 8.0.2)
+      activesupport (= 8.0.2)
       marcel (~> 1.0)
-    activesupport (7.1.2)
+    activesupport (8.0.2)
       base64
+      benchmark (>= 0.3)
       bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+      concurrent-ruby (~> 1.0, >= 1.3.1)
       connection_pool (>= 2.2.5)
       drb
       i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      mutex_m
-      tzinfo (~> 2.0)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+      uri (>= 0.13.1)
     addressable (2.8.6)
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
-    base64 (0.2.0)
-    bigdecimal (3.1.5)
+    base64 (0.3.0)
+    benchmark (0.4.1)
+    bigdecimal (3.2.2)
     binding_of_caller (1.0.0)
       debug_inspector (>= 0.0.1)
     bootsnap (1.17.0)
       msgpack (~> 1.2)
-    builder (3.2.4)
+    builder (3.3.0)
     coderay (1.1.3)
-    concurrent-ruby (1.2.2)
-    connection_pool (2.4.1)
+    concurrent-ruby (1.3.5)
+    connection_pool (2.5.3)
     crass (1.0.6)
     date (3.3.4)
     debug (1.9.1)
@@ -148,9 +147,9 @@ GEM
       reline (>= 0.3.8)
     debug_inspector (1.2.0)
     diff-lcs (1.5.0)
-    drb (2.2.0)
-      ruby2_keywords
-    erubi (1.12.0)
+    drb (2.2.3)
+    erb (5.0.2)
+    erubi (1.13.1)
     factory_bot (6.4.5)
       activesupport (>= 5.0.0)
     factory_bot_rails (6.4.3)
@@ -182,15 +181,19 @@ GEM
     faraday_middleware (1.2.0)
       faraday (~> 1.0)
     ffi (1.16.3)
+    generator_spec (0.10.0)
+      activesupport (>= 3.0.0)
+      railties (>= 3.0.0)
     globalid (1.2.1)
       activesupport (>= 6.1)
-    i18n (1.14.1)
+    i18n (1.14.7)
       concurrent-ruby (~> 1.0)
     io-console (0.7.1)
-    irb (1.11.0)
-      rdoc
-      reline (>= 0.3.8)
-    jbuilder (2.11.5)
+    irb (1.15.2)
+      pp (>= 0.6.0)
+      rdoc (>= 4.0.0)
+      reline (>= 0.4.2)
+    jbuilder (2.13.0)
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
     json (2.7.1)
@@ -212,7 +215,8 @@ GEM
     listen (3.8.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.22.0)
+    logger (1.7.0)
+    loofah (2.24.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
     mail (2.8.1)
@@ -222,10 +226,9 @@ GEM
       net-smtp
     marcel (1.0.2)
     mini_mime (1.1.5)
-    minitest (5.20.0)
+    minitest (5.25.5)
     msgpack (1.7.2)
     multipart-post (2.3.0)
-    mutex_m (0.2.0)
     net-imap (0.4.9)
       date
       net-protocol
@@ -236,12 +239,15 @@ GEM
     net-smtp (0.4.0)
       net-protocol
     nio4r (2.7.0)
-    nokogiri (1.16.0-x86_64-linux)
+    nokogiri (1.18.8-x86_64-linux-gnu)
       racc (~> 1.4)
     parallel (1.24.0)
     parser (3.2.2.4)
       ast (~> 2.4.1)
       racc
+    pp (0.6.2)
+      prettyprint
+    prettyprint (0.2.0)
     proc_to_ast (0.1.0)
       coderay
       parser
@@ -251,7 +257,7 @@ GEM
     public_suffix (5.0.4)
     puma (6.4.0)
       nio4r (~> 2.0)
-    racc (1.7.3)
+    racc (1.8.1)
     rack (3.0.8)
     rack-cors (2.0.1)
       rack (>= 2.0.0)
@@ -262,34 +268,31 @@ GEM
     rackup (2.1.0)
       rack (>= 3)
       webrick (~> 1.8)
-    rails (7.1.2)
-      actioncable (= 7.1.2)
-      actionmailbox (= 7.1.2)
-      actionmailer (= 7.1.2)
-      actionpack (= 7.1.2)
-      actiontext (= 7.1.2)
-      actionview (= 7.1.2)
-      activejob (= 7.1.2)
-      activemodel (= 7.1.2)
-      activerecord (= 7.1.2)
-      activestorage (= 7.1.2)
-      activesupport (= 7.1.2)
+    rails (8.0.2)
+      actioncable (= 8.0.2)
+      actionmailbox (= 8.0.2)
+      actionmailer (= 8.0.2)
+      actionpack (= 8.0.2)
+      actiontext (= 8.0.2)
+      actionview (= 8.0.2)
+      activejob (= 8.0.2)
+      activemodel (= 8.0.2)
+      activerecord (= 8.0.2)
+      activestorage (= 8.0.2)
+      activesupport (= 8.0.2)
       bundler (>= 1.15.0)
-      railties (= 7.1.2)
-    rails-dom-testing (2.2.0)
+      railties (= 8.0.2)
+    rails-dom-testing (2.3.0)
       activesupport (>= 5.0.0)
       minitest
       nokogiri (>= 1.6)
-    rails-healthcheck (1.4.0)
-      actionpack
-      railties
-    rails-html-sanitizer (1.6.0)
+    rails-html-sanitizer (1.6.2)
       loofah (~> 2.21)
-      nokogiri (~> 1.14)
-    railties (7.1.2)
-      actionpack (= 7.1.2)
-      activesupport (= 7.1.2)
-      irb
+      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
+    railties (8.0.2)
+      actionpack (= 8.0.2)
+      activesupport (= 8.0.2)
+      irb (~> 1.13)
       rackup (>= 1.0.0)
       rake (>= 12.2)
       thor (~> 1.0, >= 1.2.2)
@@ -299,13 +302,15 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rdoc (6.6.2)
+    rdoc (6.14.2)
+      erb
       psych (>= 4.0.0)
     regexp_parser (2.8.3)
-    reline (0.4.1)
+    reline (0.6.1)
       io-console (~> 0.5)
     rexml (3.2.6)
-    rrx_config (0.1.0)
+    rrx_config (8.0.2)
+      activesupport
       railties
     rspec (3.12.0)
       rspec-core (~> 3.12.0)
@@ -339,17 +344,17 @@ GEM
       rspec-mocks (~> 3.12)
       rspec-support (~> 3.12)
     rspec-support (3.12.1)
-    rswag-api (2.13.0)
-      activesupport (>= 3.1, < 7.2)
-      railties (>= 3.1, < 7.2)
-    rswag-specs (2.13.0)
-      activesupport (>= 3.1, < 7.2)
-      json-schema (>= 2.2, < 5.0)
-      railties (>= 3.1, < 7.2)
+    rswag-api (2.16.0)
+      activesupport (>= 5.2, < 8.1)
+      railties (>= 5.2, < 8.1)
+    rswag-specs (2.16.0)
+      activesupport (>= 5.2, < 8.1)
+      json-schema (>= 2.2, < 6.0)
+      railties (>= 5.2, < 8.1)
       rspec-core (>= 2.14)
-    rswag-ui (2.13.0)
-      actionpack (>= 3.1, < 7.2)
-      railties (>= 3.1, < 7.2)
+    rswag-ui (2.16.0)
+      actionpack (>= 5.2, < 8.1)
+      railties (>= 5.2, < 8.1)
     rubocop (1.59.0)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
@@ -370,8 +375,9 @@ GEM
       rubocop-ast (>= 1.30.0, < 2.0)
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
+    securerandom (0.4.1)
     spring (4.1.3)
-    sqlite3 (1.7.0-x86_64-linux)
+    sqlite3 (2.7.3-x86_64-linux-gnu)
     stringio (3.1.0)
     thor (1.3.0)
     timeout (0.4.1)
@@ -383,6 +389,8 @@ GEM
     unparser (0.6.10)
       diff-lcs (~> 1.3)
       parser (>= 3.2.2.4)
+    uri (1.0.3)
+    useragent (0.16.11)
     webrick (1.8.1)
     websocket-driver (0.7.6)
       websocket-extensions (>= 0.1.0)
@@ -393,6 +401,7 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
+  generator_spec
   rrx_api!
   rrx_dev!
   rrx_logging!

data/README.md

@@ -25,7 +25,7 @@ After installing, initialize your project with `rrx_api_setup`. Note this will a
 perform development and test setup.
 
 ```shell
-$ rrx_api_setup
+$ rrx_api
 ```
 
 ## Usage

data/app/controllers/concerns/rrx_api/authenticatable.rb

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+module RrxApi
+  # Controller concern providing authentication plumbing.
+  #
+  # Include this in your ApplicationController (it is included in RrxApi::Controller
+  # by default). Then call +authenticate!+ on any controller that requires auth:
+  #
+  #   class Api::V1::PostsController < ApplicationController
+  #     authenticate!
+  #   end
+  #
+  # Override +authenticated_user+ in your ApplicationController to resolve the
+  # current user from the request (token, API key, etc.). The default implementation
+  # returns +nil+, which means all requests are unauthenticated unless overridden.
+  #
+  # In test environments, requests may pass an +X-Test-User-Id+ header instead of
+  # a real token. Override +test_user+ if your User model has a different lookup.
+  module Authenticatable
+    extend ActiveSupport::Concern
+
+    AUTH_HEADER  = 'Authorization'
+    BEARER_TOKEN = 'Bearer'
+
+    included do
+      rescue_from RrxApi::Auth::TokenExpiredError do
+        render json: { error: 'token_expired' }, status: :unauthorized
+      end
+    end
+
+    class_methods do
+      # Prepend a before_action that calls +authenticate_user!+.
+      # @param only   [Array<Symbol>, nil]
+      # @param except [Array<Symbol>, nil]
+      def authenticate!(only: nil, except: nil)
+        prepend_before_action :authenticate_user!, only: only, except: except
+      end
+    end
+
+    # Returns the authenticated user or +nil+.
+    # In test env the +X-Test-User-Id+ header short-circuits real auth.
+    def current_user
+      @current_user ||= (Rails.env.test? ? test_user : nil) || authenticated_user
+    end
+
+    private
+
+    # Render 401 unless current_user is present.
+    def authenticate_user!
+      unauthorized! unless current_user
+    end
+
+    # Render a standardised 401 response.
+    # @param message [String]
+    def unauthorized!(message: 'Not authenticated')
+      render json: { error: message }, status: :unauthorized
+    end
+
+    # Resolve the current user from the request. Override this in your
+    # ApplicationController — e.g. look up by API key or bearer token.
+    # @return [Object, nil]
+    def authenticated_user
+      nil
+    end
+
+    # Yields the bearer token string if an +Authorization: Bearer <token>+ header is present.
+    def with_bearer_token
+      parts = request.headers[AUTH_HEADER]&.split(' ', 2)
+      yield parts[1] if parts&.first == BEARER_TOKEN
+    end
+
+    # Returns a user identified by the +X-Test-User-Id+ request header.
+    # Only active in the test environment. Override if your lookup differs.
+    # @return [Object, nil]
+    def test_user
+      nil
+    end
+  end
+end

data/app/controllers/rrx_api/controller.rb

@@ -3,6 +3,7 @@
 module RrxApi
   class Controller < ActionController::API
     include AbstractController::Helpers
+    include RrxApi::Authenticatable
 
     abstract!
 

data/app/controllers/rrx_api/health_controller.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module RrxApi
+  # Replaces the default Rails health check controller
+  class HealthController < RrxApi::Controller
+    rescue_from(Exception) { |error| render_down(error) }
+
+    def show
+      check
+      render_up
+    end
+
+    protected
+
+    def check
+      healthcheck = Rails.application.config.healthcheck
+      instance_exec(&healthcheck) if healthcheck.respond_to?(:call)
+    end
+
+    def render_up
+      render json: { status: 'up' }, status: :ok
+    end
+
+    # @param [Exception] error
+    def render_down(error)
+      render json: {
+        status: 'down',
+        message: error.message,
+        full_message: error.full_message(order: :top)
+      }, status: :internal_server_error
+    end
+  end
+end