stitches 4.2.1 → 5.0.0.RC1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 076cbbf3b2dfdd8b9b01d5c9f80cc091c223f14008fd7d45ceb2fff58bf454a0
-  data.tar.gz: a0d73979c10617fd6567aa7089236da49c7d2f1e1f58648931af5f5a0d7562b4
+  metadata.gz: 6d50c6497fcd873cf6607c5386281a80aa8e0d9cc7244cec2fba83ce64820748
+  data.tar.gz: 1eb42922648ef9596bb13c4b467ae2ded8a4bcc289735b5806a2962cbbd21976
 SHA512:
-  metadata.gz: 46e0364ba7c84f2fe1ca66cac2b74236b173bd023b4573b41f0ed718c66828c1131075802e7cc388f427f7de81af6e9bc13c763429f68382ce6a8729d548e988
-  data.tar.gz: af3e5c6b23f9134ee842b300a65afcf13455d3842516696e3774e35a324d590271058f581db1451ecccbbf23c3c70f63ec2d12476c0306a1dfdf50825c7e5d55
+  metadata.gz: 74b96e70b817e78e313cf71988db8b6c354bdf200df5224df3bb2712d6f551f02505ccdc527d14073e3dcb879b066078ebb0254474ab1d55cbf619bef5942a77
+  data.tar.gz: ed8da60edb16e3758cd1c168baefb65413cd2973639a7bf281e15ccd4df11bf1f01a0d46b26b86e93185c4fca51659519518591b3bb2e5aa2bde7ab07ad4259d

data/.circleci/config.yml

@@ -1,225 +1,191 @@
-# DO NOT MODIFY - this is managed by Git Reduce in goro
-#
 ---
-version: 2
+version: 2.1
+parameters:
+  GHA_Event:
+    type: string
+    default: ""
+  GHA_Actor:
+    type: string
+    default: ""
+  GHA_Action:
+    type: string
+    default: ""
+  GHA_Meta:
+    type: string
+    default: ""
+  old_ruby:
+    type: string
+    default: "3.2.4"
+  current_ruby:
+    type: string
+    default: "3.3.2"
+  old_rails:
+    type: string
+    default: "7.0.8.4"
+  current_rails:
+    type: string
+    default: "7.1.3.4"
+
 jobs:
   generate-and-push-docs:
     docker:
-    - image: circleci/ruby:3.0.0
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
+      - image: cimg/ruby:3.3.2
+        auth:
+          username: "$DOCKERHUB_USERNAME"
+          password: "$DOCKERHUB_PASSWORD"
     steps:
-    - checkout
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run:
-        name: Generate documentation
-        command: ' if [[ $(bundle exec rake -T docs:generate:custom) ]]; then echo
-          "Generating docs using rake task docs:generate:custom" ; bundle exec rake
-          docs:generate:custom ; elif [[ $(bundle exec rake -T docs:generate) ]];
-          then echo "Generating docs using rake task docs:generate" ; bundle exec
-          rake docs:generate ; else echo "Skipping doc generation" ; exit 0 ; fi '
-    - run:
-        name: Push documentation to Unwritten
-        command: if [[ $(bundle exec rake -T docs:push) ]]; then bundle exec rake
-          docs:push; fi
+      - checkout
+      - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
+      - run: bundle install
+      - run:
+          name: Generate documentation
+          command:
+            ' if [[ $(bundle exec rake -T docs:generate:custom) ]]; then echo
+            "Generating docs using rake task docs:generate:custom" ; bundle exec rake
+            docs:generate:custom ; elif [[ $(bundle exec rake -T docs:generate) ]];
+            then echo "Generating docs using rake task docs:generate" ; bundle exec
+            rake docs:generate ; else echo "Skipping doc generation" ; exit 0 ; fi '
+      - run:
+          name: Push documentation to Unwritten
+          command:
+            if [[ $(bundle exec rake -T docs:push) ]]; then bundle exec rake
+            docs:push; fi
   release:
     docker:
-    - image: circleci/ruby:3.0.0
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
+      - image: cimg/ruby:3.3.2
+        auth:
+          username: "$DOCKERHUB_USERNAME"
+          password: "$DOCKERHUB_PASSWORD"
     steps:
-    - checkout
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run:
-        name: Artifactory login
-        command: mkdir -p ~/.gem && curl -u$ARTIFACTORY_USER:$ARTIFACTORY_TOKEN https://stitchfix01.jfrog.io/stitchfix01/api/gems/eng-gems/api/v1/api_key.yaml
-          > ~/.gem/credentials && chmod 0600 ~/.gem/credentials
-    - run:
-        name: Build/release gem to artifactory
-        command: bundle exec rake push_artifactory
-  ruby-3.0.0-rails-6.1:
+      - checkout
+      - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
+      - run: bundle install
+      - run:
+          name: Artifactory login
+          command:
+            mkdir -p ~/.gem && curl -u$ARTIFACTORY_USER:$ARTIFACTORY_TOKEN https://stitchfix01.jfrog.io/stitchfix01/api/gems/eng-gems/api/v1/api_key.yaml
+            > ~/.gem/credentials && chmod 0600 ~/.gem/credentials
+      - run:
+          name: Build/release gem to artifactory
+          command: bundle exec rake push_artifactory
+  test:
+    parameters:
+      ruby-version:
+        type: string
+        default: ""
+      rails-version:
+        type: string
+        default: ""
     docker:
-    - image: circleci/ruby:3.0.0
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
-      environment:
-        BUNDLE_GEMFILE: Gemfile.rails-6.1
+      - image: cimg/ruby:<< parameters.ruby-version >>
+        auth:
+          username: "$DOCKERHUB_USERNAME"
+          password: "$DOCKERHUB_PASSWORD"
+      - image: cimg/postgres:13.3
+        environment:
+          POSTGRES_HOST_AUTH_METHOD: trust
+        auth:
+          username: "$DOCKERHUB_USERNAME"
+          password: "$DOCKERHUB_PASSWORD"
     working_directory: "~/stitches"
+    environment:
+      DATABASE_URL: "postgres://postgres:@localhost:5432/stitches_fake_app_test"
     steps:
-    - checkout
-    - run:
-        name: Check for Gemfile.lock presence
-        command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
-          https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
-          1>&2 ; exit 1 ; else exit 0 ; fi '
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
-        --format=doc
-    - run:
-        name: Run Additional CI Steps
-        command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
-          fi
-    - run:
-        name: Notify Pager Duty
-        command: bundle exec y-notify "#eng-runtime-alerts"
-        when: on_fail
-    - store_test_results:
-        path: "/tmp/test-results"
-  ruby-2.7.2-rails-6.1:
-    docker:
-    - image: circleci/ruby:2.7.2
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
-      environment:
-        BUNDLE_GEMFILE: Gemfile.rails-6.1
-    working_directory: "~/stitches"
-    steps:
-    - checkout
-    - run:
-        name: Check for Gemfile.lock presence
-        command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
-          https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
-          1>&2 ; exit 1 ; else exit 0 ; fi '
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
-        --format=doc
-    - run:
-        name: Run Additional CI Steps
-        command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
-          fi
-    - run:
-        name: Notify Pager Duty
-        command: bundle exec y-notify "#eng-runtime-alerts"
-        when: on_fail
-    - store_test_results:
-        path: "/tmp/test-results"
-  ruby-3.0.0-rails-6.0:
-    docker:
-    - image: circleci/ruby:3.0.0
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
-      environment:
-        BUNDLE_GEMFILE: Gemfile.rails-6.0
-    working_directory: "~/stitches"
-    steps:
-    - checkout
-    - run:
-        name: Check for Gemfile.lock presence
-        command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
-          https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
-          1>&2 ; exit 1 ; else exit 0 ; fi '
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
-        --format=doc
-    - run:
-        name: Run Additional CI Steps
-        command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
-          fi
-    - run:
-        name: Notify Pager Duty
-        command: bundle exec y-notify "#eng-runtime-alerts"
-        when: on_fail
-    - store_test_results:
-        path: "/tmp/test-results"
-  ruby-2.7.2-rails-6.0:
-    docker:
-    - image: circleci/ruby:2.7.2
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
-      environment:
-        BUNDLE_GEMFILE: Gemfile.rails-6.0
-    working_directory: "~/stitches"
-    steps:
-    - checkout
-    - run:
-        name: Check for Gemfile.lock presence
-        command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
-          https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
-          1>&2 ; exit 1 ; else exit 0 ; fi '
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
-        --format=doc
-    - run:
-        name: Run Additional CI Steps
-        command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
-          fi
-    - run:
-        name: Notify Pager Duty
-        command: bundle exec y-notify "#eng-runtime-alerts"
-        when: on_fail
-    - store_test_results:
-        path: "/tmp/test-results"
+      - checkout
+      - run:
+          name: Check for Gemfile.lock presence
+          command:
+            ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
+            https://github.com/stitchfix/eng-wiki/blob/main/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
+            1>&2 ; exit 1 ; else exit 0 ; fi '
+      - run:
+          command: echo "ruby-<< parameters.ruby-version >>" > .ruby-version
+          working_directory: spec/fake_app
+      - run:
+          command: sed -i "s/gem 'rails'.*/gem 'rails', '~> << parameters.rails-version >>'/" Gemfile
+          working_directory: spec/fake_app
+      - run:
+          command: sed -i "s/^ruby.*/ruby '<< parameters.ruby-version >>'/" Gemfile
+          working_directory: spec/fake_app
+      - run:
+          command: bundle install
+          working_directory: spec/fake_app
+      - run:
+          command: bundle exec rake db:create db:migrate --trace
+          working_directory: spec/fake_app
+      - run: echo "gem 'rails', '~> << parameters.rails-version >>'" >> Gemfile
+      - run: echo "ruby-<< parameters.ruby-version >>" > .ruby-version
+      - run: bundle install
+      - run:
+          bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
+          --format=doc
+      - run:
+          name: Run Additional CI Steps
+          command:
+            if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
+            fi
+      - run:
+          name: Notify Pager Duty
+          command: bundle exec y-notify "#app-platform-ops"
+          when: on_fail
+      - store_test_results:
+          path: "/tmp/test-results"
+
 workflows:
-  version: 2
   on-commit:
+    unless:
+      equal: ["schedule", << pipeline.parameters.GHA_Event >>]
     jobs:
-    - release:
-        context: org-global
-        requires:
-        - ruby-3.0.0-rails-6.1
-        - ruby-2.7.2-rails-6.1
-        - ruby-3.0.0-rails-6.0
-        - ruby-2.7.2-rails-6.0
-        filters:
-          tags:
-            only: /^[0-9]+\.[0-9]+\.[0-9]+(\.?(RC|rc)[-\.]?\w*)?$/
-          branches:
-            ignore: /.*/
-    - generate-and-push-docs:
-        context: org-global
-        requires:
-        - release
-        filters:
-          tags:
-            only: /^[0-9]+\.[0-9]+\.[0-9]+(\.?(RC|rc)[-\.]?\w*)?$/
-          branches:
-            ignore: /.*/
-    - ruby-3.0.0-rails-6.1:
-        context: org-global
-        filters:
-          tags:
-            only: &1 /.*/
-    - ruby-2.7.2-rails-6.1:
-        context: org-global
-        filters:
-          tags:
-            only: *1
-    - ruby-3.0.0-rails-6.0:
-        context: org-global
-        filters:
-          tags:
-            only: *1
-    - ruby-2.7.2-rails-6.0:
-        context: org-global
-        filters:
-          tags:
-            only: *1
+      - release:
+          context: org-global
+          requires:
+            - test
+          filters:
+            tags:
+              only: "/^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:(-|\\.)(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$/"
+            branches:
+              ignore: /.*/
+      - generate-and-push-docs:
+          context: org-global
+          requires:
+            - release
+          filters:
+            tags:
+              only: "/^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:(-|\\.)(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$/"
+            branches:
+              ignore: /.*/
+      - test:
+          matrix:
+            parameters:
+              ruby-version:
+                [
+                  "<< pipeline.parameters.old_ruby >>",
+                  "<< pipeline.parameters.current_ruby >>",
+                ]
+              rails-version:
+                [
+                  "<< pipeline.parameters.old_rails >>",
+                  "<< pipeline.parameters.current_rails >>",
+                ]
+          context: org-global
+          filters:
+            tags:
+              only: /.*/
   scheduled:
-    triggers:
-    - schedule:
-        cron: 53 20 * * 1,2,3,4,5
-        filters:
-          branches:
-            only:
-            - master
+    when:
+      equal: ["schedule", << pipeline.parameters.GHA_Event >>]
     jobs:
-    - ruby-3.0.0-rails-6.1:
-        context: org-global
-    - ruby-2.7.2-rails-6.1:
-        context: org-global
-    - ruby-3.0.0-rails-6.0:
-        context: org-global
-    - ruby-2.7.2-rails-6.0:
-        context: org-global
+      - test:
+          context: org-global
+          matrix:
+            parameters:
+              ruby-version:
+                [
+                  "<< pipeline.parameters.old_ruby >>",
+                  "<< pipeline.parameters.current_ruby >>",
+                ]
+              rails-version:
+                [
+                  "<< pipeline.parameters.old_rails >>",
+                  "<< pipeline.parameters.current_rails >>",
+                ]

data/.env.example

@@ -0,0 +1 @@
+DATABASE_URL="postgres://postgres:@localhost:5432/stitches_fake_app_development"

data/.github/CODEOWNERS

@@ -8,4 +8,4 @@
 # This file uses the GitHub CODEOWNERS convention to assign PR reviewers:
 # https://help.github.com/articles/about-codeowners/
 
-* @brettfishman @bwebster @stitchfix/runtime-infrastructure
+* @stitchfix/app-platform

data/.github/workflows/scheduled_cci.yml

@@ -0,0 +1,14 @@
+on:
+  schedule:
+    - cron: '53 20 * * 1,2,3,4,5'
+  workflow_dispatch:
+
+jobs:
+  trigger-circleci:
+    runs-on: ubuntu-latest
+    steps:
+      - name: CircleCI trigger on schedule
+        id: step1
+        uses: CircleCI-Public/trigger-circleci-pipeline-action@v1.0.5
+        env:
+          CCI_TOKEN: ${{ secrets.CCI_TOKEN || secrets.CCI_TOKEN_FOR_PUBLIC_REPOS }}

data/.gitignore

@@ -1,6 +1,8 @@
 pkg
 spec/reports
 spec/fake_app/log/
+spec/fake_app/tmp/
+spec/fake_app/db/schema.rb
 .vimrc
 *.sw?
 .idea/
@@ -12,3 +14,4 @@ config/database.yml
 Gemfile.lock
 Gemfile.*.lock
 .projections.json
+*.local

data/.ruby-version

@@ -1 +1 @@
-ruby-2.7.2
+ruby-3.2.3

data/README.md

@@ -1,7 +1,5 @@
 Create Microservices in Rails by pretty much just writing regular Rails code.
 
-![build status](https://travis-ci.org/stitchfix/stitches.svg?branch=master)
-
 This gem provides:
 
 - transparent API key authentication.
@@ -28,9 +26,20 @@ bundle install
 
 Then, set it up:
 
-```
+```bash
 > bin/rails generate stitches:api
-> bundle exec rake db:migrate
+> bin/rails generate stitches:api_migration # only if you're using API key authentication
+> bundle exec rake db:migrate               # only if you're using API key authentication
+```
+
+### Disable API Key Support
+
+If you're not using the API Key authentication feature of the library, configure stitches:
+
+```ruby
+Stitches.configure do |config|
+  config.disable_api_key_support = true
+end
 ```
 
 ### Upgrading from an older version
@@ -54,16 +63,16 @@ how long ago the API key was disabled.
 
 ```ruby
 Stitches.configure do |config|
-  config.disabled_key_leniency_in_seconds = 3 * 24 * 60 * 60 # Time in seconds, defaults to three days 
-  config.disabled_key_leniency_error_log_threshold_in_seconds = 2 * 24 * 60 * 60 # Time in seconds, defaults to two days 
+  config.disabled_key_leniency_in_seconds = 3 * 24 * 60 * 60 # Time in seconds, defaults to three days
+  config.disabled_key_leniency_error_log_threshold_in_seconds = 2 * 24 * 60 * 60 # Time in seconds, defaults to two days
 end
 ```
 
-If a disabled key is used within the `disabled_key_leniency_in_seconds`, it will be allowed. 
+If a disabled key is used within the `disabled_key_leniency_in_seconds`, it will be allowed.
 
-Anytime a disabled key is used a log will be generated. If it is before the 
+Anytime a disabled key is used a log will be generated. If it is before the
 `disabled_key_leniency_error_log_threshold_in_seconds` it will be a warning log message, if it is after that, it will be
-an error message. `disabled_key_leniency_error_log_threshold_in_seconds` should never be a greater number than 
+an error message. `disabled_key_leniency_error_log_threshold_in_seconds` should never be a greater number than
 `disabled_key_leniency_in_seconds`, as this provides an escallating series of warnings before finally disabling access.
 
 - If you are upgrading from a version older than 3.3.0 you need to run three generators, two of which create database

data/lib/stitches/api_generator.rb

@@ -2,32 +2,21 @@ require 'rails/generators'
 
 module Stitches
   class ApiGenerator < Rails::Generators::Base
-    include Rails::Generators::Migration
-
     source_root(File.expand_path(File.join(File.dirname(__FILE__), "generator_files")))
 
-    def self.next_migration_number(path)
-      Time.now.utc.strftime("%Y%m%d%H%M%S")
-    end
-
     desc "Bootstraps your API service with a basic ping controller and spec to ensure everything is setup properly"
     def bootstrap_api
-      gem "apitome"
       gem_group :development, :test do
         gem "rspec"
         gem "rspec-rails"
         gem "rspec_api_documentation"
       end
 
-      Bundler.with_clean_env do
+      Bundler.with_unbundled_env do
         run "bundle install"
       end
-      generate "apitome:install"
       generate "rspec:install"
 
-      gsub_file 'config/initializers/apitome.rb', /config.mount_at = .*$/, "config.mount_at = nil"
-      gsub_file 'config/initializers/apitome.rb', /config.title = .*$/, "config.title = 'Service Documentation'"
-
       inject_into_file "config/routes.rb", before: /^end/ do<<-ROUTES
 namespace :api do
   scope module: :v1, constraints: Stitches::ApiVersionConstraint.new(1) do
@@ -40,11 +29,6 @@ namespace :api do
     # as well as for your client to be able to validate this as well.
   end
 end
-
-api_docs = Rack::Auth::Basic.new(Apitome::Engine) do |_, password|
-  password == ENV['HTTP_AUTH_PASSWORD']
-end
-mount api_docs, at: "docs"
       ROUTES
       end
 
@@ -54,16 +38,10 @@ mount api_docs, at: "docs"
       copy_file "app/controllers/api/v2.rb"
       copy_file "app/controllers/api/v1/pings_controller.rb"
       copy_file "app/controllers/api/v2/pings_controller.rb"
-      copy_file "app/models/api_client.rb"
       copy_file "config/initializers/stitches.rb"
-      copy_file "lib/tasks/generate_api_key.rake"
       template "spec/features/api_spec.rb.erb", "spec/features/api_spec.rb"
       copy_file "spec/acceptance/ping_v1_spec.rb", "spec/acceptance/ping_v1_spec.rb"
 
-      migration_template "db/migrate/enable_uuid_ossp_extension.rb", "db/migrate/enable_uuid_ossp_extension.rb"
-      sleep 1 # allow clock to tick so we get different numbers
-      migration_template "db/migrate/create_api_clients.rb", "db/migrate/create_api_clients.rb"
-
       inject_into_file 'spec/rails_helper.rb', %q{
 config.include RSpec::Rails::RequestExampleGroup, type: :feature
 }, before: /^end/
@@ -77,7 +55,7 @@ require 'stitches/spec'
 require 'rspec_api_documentation'
 
 RspecApiDocumentation.configure do |config|
-  config.format = :json
+  config.format = [:json, :html]
   config.request_headers_to_include = %w(
     Accept
     Content-Type

data/lib/stitches/api_key.rb

@@ -23,6 +23,8 @@ module Stitches
   protected
 
     def do_call(env)
+      return @app.call(env) if Stitches.configuration.disable_api_key_support
+
       authorization = env["HTTP_AUTHORIZATION"]
       if authorization
         if authorization =~ /#{configuration.custom_http_auth_scheme}\s+key=(.*)\s*$/

data/lib/stitches/api_migration_generator.rb

@@ -0,0 +1,23 @@
+require 'rails/generators'
+
+module Stitches
+  class ApiMigrationGenerator < Rails::Generators::Base
+    include Rails::Generators::Migration
+
+    source_root(File.expand_path(File.join(File.dirname(__FILE__), "generator_files")))
+
+    def self.next_migration_number(path)
+      Time.now.utc.strftime("%Y%m%d%H%M%S")
+    end
+
+    desc "Add a DB backed key storage system for your API service"
+    def bootstrap_api_migration
+      copy_file "app/models/api_client.rb"
+      copy_file "lib/tasks/generate_api_key.rake"
+
+      migration_template "db/migrate/enable_uuid_ossp_extension.rb", "db/migrate/enable_uuid_ossp_extension.rb"
+      sleep 1 # allow clock to tick so we get different numbers
+      migration_template "db/migrate/create_api_clients.rb", "db/migrate/create_api_clients.rb"
+    end
+  end
+end

data/lib/stitches/configuration.rb

@@ -17,9 +17,10 @@ class Stitches::Configuration
     @max_cache_size = NonNullInteger.new("max_cache_size", 0)
     @disabled_key_leniency_in_seconds = ActiveSupport::Duration.days(3)
     @disabled_key_leniency_error_log_threshold_in_seconds = ActiveSupport::Duration.days(2)
+    @disable_api_key_support = false
   end
 
-  attr_accessor :disabled_key_leniency_in_seconds, :disabled_key_leniency_error_log_threshold_in_seconds
+  attr_accessor :disabled_key_leniency_in_seconds, :disabled_key_leniency_error_log_threshold_in_seconds, :disable_api_key_support
 
   # A RegExp that allows URLS around the mime type and api key requirements.
   # nil means that ever request must have a proper mime type and api key.

data/lib/stitches/generator_files/config/initializers/stitches.rb

@@ -8,6 +8,10 @@ Stitches.configure do |configuration|
   # but generally should be a string with no spaces or special characters.
   configuration.custom_http_auth_scheme = "CustomKeyAuth"
 
+  # Disable API Key feature. Enable it to add a database backed API Key auth scheme.
+  # Be sure to run `bin/rails generate stitches:api_migration` after enabling.
+  configuration.disable_api_key_support = true
+
   # Env var that gets the primary key of the authenticated ApiKey
   # for access in your controllers, so they don't need to re-parse the header
   # configuration.env_var_to_hold_api_client_primary_key = "YOUR_ENV_VAR"