stitches 4.2.2 → 5.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 31a88657d0835e4d9dae083be3a5351e0cfe719dc0c930def115d0a1d9749849
-  data.tar.gz: 4f873d97147ef91da025f0f06eb29c0c800f6a2f6410739cc64c7050b17fbb4b
+  metadata.gz: 162beab8fe18efd29717c69f7d1ff734ef6822f1355addc8699b4e1079eef741
+  data.tar.gz: 9e0d31dc4943c09889b0ddee7226963ed2cf82b13709c0f9f5a0c06603bd1990
 SHA512:
-  metadata.gz: 9c78c55c6a88cf128e1d58e9fce561f32f53207c0de2f8ddb107449fe2de2638e73f76e842aece05b1d5431072459bf7747dd736746d7ad81f3c153841f00627
-  data.tar.gz: 0ae33e523eb0f782f6cdf3a0bc457c8f09fa3a140759e344f8fe07b6a9b209dfcb119df77abe167017a491462bb83db9f10ce7f1aae7d82aa5c8b9b7046ef1bb
+  metadata.gz: 15a4b24194f3b19a930b99894d8be0ba7cac737830b50e71e763e3e66df7e944c9615692d0f3b854faeaf422cc8fa82fdb4e73ac025ed7b0ce9ccf4f673af8f0
+  data.tar.gz: 62a6dc4a6c5430f9556747ff931cb92d94a55b0d1c943c4b1dbbe53d96e2338cefc57ed7ea0513c52d69f60a8ab1455224be8bfbb5c2dba172c4ef83d3ab60fb

data/.circleci/config.yml

@@ -1,225 +1,191 @@
-# DO NOT MODIFY - this is managed by Git Reduce in goro
-#
 ---
-version: 2
+version: 2.1
+parameters:
+  GHA_Event:
+    type: string
+    default: ""
+  GHA_Actor:
+    type: string
+    default: ""
+  GHA_Action:
+    type: string
+    default: ""
+  GHA_Meta:
+    type: string
+    default: ""
+  old_ruby:
+    type: string
+    default: "3.2.4"
+  current_ruby:
+    type: string
+    default: "3.3.2"
+  old_rails:
+    type: string
+    default: "7.0.8.4"
+  current_rails:
+    type: string
+    default: "7.1.3.4"
+
 jobs:
   generate-and-push-docs:
     docker:
-    - image: circleci/ruby:3.0.0
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
+      - image: cimg/ruby:3.3.2
+        auth:
+          username: "$DOCKERHUB_USERNAME"
+          password: "$DOCKERHUB_PASSWORD"
     steps:
-    - checkout
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run:
-        name: Generate documentation
-        command: ' if [[ $(bundle exec rake -T docs:generate:custom) ]]; then echo
-          "Generating docs using rake task docs:generate:custom" ; bundle exec rake
-          docs:generate:custom ; elif [[ $(bundle exec rake -T docs:generate) ]];
-          then echo "Generating docs using rake task docs:generate" ; bundle exec
-          rake docs:generate ; else echo "Skipping doc generation" ; exit 0 ; fi '
-    - run:
-        name: Push documentation to Unwritten
-        command: if [[ $(bundle exec rake -T docs:push) ]]; then bundle exec rake
-          docs:push; fi
+      - checkout
+      - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
+      - run: bundle install
+      - run:
+          name: Generate documentation
+          command:
+            ' if [[ $(bundle exec rake -T docs:generate:custom) ]]; then echo
+            "Generating docs using rake task docs:generate:custom" ; bundle exec rake
+            docs:generate:custom ; elif [[ $(bundle exec rake -T docs:generate) ]];
+            then echo "Generating docs using rake task docs:generate" ; bundle exec
+            rake docs:generate ; else echo "Skipping doc generation" ; exit 0 ; fi '
+      - run:
+          name: Push documentation to Unwritten
+          command:
+            if [[ $(bundle exec rake -T docs:push) ]]; then bundle exec rake
+            docs:push; fi
   release:
     docker:
-    - image: circleci/ruby:3.0.0
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
+      - image: cimg/ruby:3.3.2
+        auth:
+          username: "$DOCKERHUB_USERNAME"
+          password: "$DOCKERHUB_PASSWORD"
     steps:
-    - checkout
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run:
-        name: Artifactory login
-        command: mkdir -p ~/.gem && curl -u$ARTIFACTORY_USER:$ARTIFACTORY_TOKEN https://stitchfix01.jfrog.io/stitchfix01/api/gems/eng-gems/api/v1/api_key.yaml
-          > ~/.gem/credentials && chmod 0600 ~/.gem/credentials
-    - run:
-        name: Build/release gem to artifactory
-        command: bundle exec rake push_artifactory
-  ruby-3.0.0-rails-6.1:
+      - checkout
+      - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
+      - run: bundle install
+      - run:
+          name: Artifactory login
+          command:
+            mkdir -p ~/.gem && curl -u$ARTIFACTORY_USER:$ARTIFACTORY_TOKEN https://stitchfix01.jfrog.io/stitchfix01/api/gems/eng-gems/api/v1/api_key.yaml
+            > ~/.gem/credentials && chmod 0600 ~/.gem/credentials
+      - run:
+          name: Build/release gem to artifactory
+          command: bundle exec rake push_artifactory
+  test:
+    parameters:
+      ruby-version:
+        type: string
+        default: ""
+      rails-version:
+        type: string
+        default: ""
     docker:
-    - image: circleci/ruby:3.0.0
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
-      environment:
-        BUNDLE_GEMFILE: Gemfile.rails-6.1
+      - image: cimg/ruby:<< parameters.ruby-version >>
+        auth:
+          username: "$DOCKERHUB_USERNAME"
+          password: "$DOCKERHUB_PASSWORD"
+      - image: cimg/postgres:13.3
+        environment:
+          POSTGRES_HOST_AUTH_METHOD: trust
+        auth:
+          username: "$DOCKERHUB_USERNAME"
+          password: "$DOCKERHUB_PASSWORD"
     working_directory: "~/stitches"
+    environment:
+      DATABASE_URL: "postgres://postgres:@localhost:5432/stitches_fake_app_test"
     steps:
-    - checkout
-    - run:
-        name: Check for Gemfile.lock presence
-        command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
-          https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
-          1>&2 ; exit 1 ; else exit 0 ; fi '
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
-        --format=doc
-    - run:
-        name: Run Additional CI Steps
-        command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
-          fi
-    - run:
-        name: Notify Pager Duty
-        command: bundle exec y-notify "#eng-runtime-alerts"
-        when: on_fail
-    - store_test_results:
-        path: "/tmp/test-results"
-  ruby-2.7.2-rails-6.1:
-    docker:
-    - image: circleci/ruby:2.7.2
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
-      environment:
-        BUNDLE_GEMFILE: Gemfile.rails-6.1
-    working_directory: "~/stitches"
-    steps:
-    - checkout
-    - run:
-        name: Check for Gemfile.lock presence
-        command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
-          https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
-          1>&2 ; exit 1 ; else exit 0 ; fi '
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
-        --format=doc
-    - run:
-        name: Run Additional CI Steps
-        command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
-          fi
-    - run:
-        name: Notify Pager Duty
-        command: bundle exec y-notify "#eng-runtime-alerts"
-        when: on_fail
-    - store_test_results:
-        path: "/tmp/test-results"
-  ruby-3.0.0-rails-6.0:
-    docker:
-    - image: circleci/ruby:3.0.0
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
-      environment:
-        BUNDLE_GEMFILE: Gemfile.rails-6.0
-    working_directory: "~/stitches"
-    steps:
-    - checkout
-    - run:
-        name: Check for Gemfile.lock presence
-        command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
-          https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
-          1>&2 ; exit 1 ; else exit 0 ; fi '
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
-        --format=doc
-    - run:
-        name: Run Additional CI Steps
-        command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
-          fi
-    - run:
-        name: Notify Pager Duty
-        command: bundle exec y-notify "#eng-runtime-alerts"
-        when: on_fail
-    - store_test_results:
-        path: "/tmp/test-results"
-  ruby-2.7.2-rails-6.0:
-    docker:
-    - image: circleci/ruby:2.7.2
-      auth:
-        username: "$DOCKERHUB_USERNAME"
-        password: "$DOCKERHUB_PASSWORD"
-      environment:
-        BUNDLE_GEMFILE: Gemfile.rails-6.0
-    working_directory: "~/stitches"
-    steps:
-    - checkout
-    - run:
-        name: Check for Gemfile.lock presence
-        command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
-          https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
-          1>&2 ; exit 1 ; else exit 0 ; fi '
-    - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
-    - run: bundle install --full-index
-    - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
-        --format=doc
-    - run:
-        name: Run Additional CI Steps
-        command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
-          fi
-    - run:
-        name: Notify Pager Duty
-        command: bundle exec y-notify "#eng-runtime-alerts"
-        when: on_fail
-    - store_test_results:
-        path: "/tmp/test-results"
+      - checkout
+      - run:
+          name: Check for Gemfile.lock presence
+          command:
+            ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
+            https://github.com/stitchfix/eng-wiki/blob/main/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
+            1>&2 ; exit 1 ; else exit 0 ; fi '
+      - run:
+          command: echo "ruby-<< parameters.ruby-version >>" > .ruby-version
+          working_directory: spec/fake_app
+      - run:
+          command: sed -i "s/gem 'rails'.*/gem 'rails', '~> << parameters.rails-version >>'/" Gemfile
+          working_directory: spec/fake_app
+      - run:
+          command: sed -i "s/^ruby.*/ruby '<< parameters.ruby-version >>'/" Gemfile
+          working_directory: spec/fake_app
+      - run:
+          command: bundle install
+          working_directory: spec/fake_app
+      - run:
+          command: bundle exec rake db:create db:migrate --trace
+          working_directory: spec/fake_app
+      - run: echo "gem 'rails', '~> << parameters.rails-version >>'" >> Gemfile
+      - run: echo "ruby-<< parameters.ruby-version >>" > .ruby-version
+      - run: bundle install
+      - run:
+          bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
+          --format=doc
+      - run:
+          name: Run Additional CI Steps
+          command:
+            if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
+            fi
+      - run:
+          name: Notify Pager Duty
+          command: bundle exec y-notify "#app-platform-ops"
+          when: on_fail
+      - store_test_results:
+          path: "/tmp/test-results"
+
 workflows:
-  version: 2
   on-commit:
+    unless:
+      equal: ["schedule", << pipeline.parameters.GHA_Event >>]
     jobs:
-    - release:
-        context: org-global
-        requires:
-        - ruby-3.0.0-rails-6.1
-        - ruby-2.7.2-rails-6.1
-        - ruby-3.0.0-rails-6.0
-        - ruby-2.7.2-rails-6.0
-        filters:
-          tags:
-            only: /^[0-9]+\.[0-9]+\.[0-9]+(\.?(RC|rc)[-\.]?\w*)?$/
-          branches:
-            ignore: /.*/
-    - generate-and-push-docs:
-        context: org-global
-        requires:
-        - release
-        filters:
-          tags:
-            only: /^[0-9]+\.[0-9]+\.[0-9]+(\.?(RC|rc)[-\.]?\w*)?$/
-          branches:
-            ignore: /.*/
-    - ruby-3.0.0-rails-6.1:
-        context: org-global
-        filters:
-          tags:
-            only: &1 /.*/
-    - ruby-2.7.2-rails-6.1:
-        context: org-global
-        filters:
-          tags:
-            only: *1
-    - ruby-3.0.0-rails-6.0:
-        context: org-global
-        filters:
-          tags:
-            only: *1
-    - ruby-2.7.2-rails-6.0:
-        context: org-global
-        filters:
-          tags:
-            only: *1
+      - release:
+          context: org-global
+          requires:
+            - test
+          filters:
+            tags:
+              only: "/^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:(-|\\.)(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$/"
+            branches:
+              ignore: /.*/
+      - generate-and-push-docs:
+          context: org-global
+          requires:
+            - release
+          filters:
+            tags:
+              only: "/^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:(-|\\.)(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$/"
+            branches:
+              ignore: /.*/
+      - test:
+          matrix:
+            parameters:
+              ruby-version:
+                [
+                  "<< pipeline.parameters.old_ruby >>",
+                  "<< pipeline.parameters.current_ruby >>",
+                ]
+              rails-version:
+                [
+                  "<< pipeline.parameters.old_rails >>",
+                  "<< pipeline.parameters.current_rails >>",
+                ]
+          context: org-global
+          filters:
+            tags:
+              only: /.*/
   scheduled:
-    triggers:
-    - schedule:
-        cron: 53 20 * * 1,2,3,4,5
-        filters:
-          branches:
-            only:
-            - master
+    when:
+      equal: ["schedule", << pipeline.parameters.GHA_Event >>]
     jobs:
-    - ruby-3.0.0-rails-6.1:
-        context: org-global
-    - ruby-2.7.2-rails-6.1:
-        context: org-global
-    - ruby-3.0.0-rails-6.0:
-        context: org-global
-    - ruby-2.7.2-rails-6.0:
-        context: org-global
+      - test:
+          context: org-global
+          matrix:
+            parameters:
+              ruby-version:
+                [
+                  "<< pipeline.parameters.old_ruby >>",
+                  "<< pipeline.parameters.current_ruby >>",
+                ]
+              rails-version:
+                [
+                  "<< pipeline.parameters.old_rails >>",
+                  "<< pipeline.parameters.current_rails >>",
+                ]

data/.env.example

@@ -0,0 +1 @@
+DATABASE_URL="postgres://postgres:@localhost:5432/stitches_fake_app_development"

data/.github/CODEOWNERS

@@ -8,4 +8,4 @@
 # This file uses the GitHub CODEOWNERS convention to assign PR reviewers:
 # https://help.github.com/articles/about-codeowners/
 
-* @brettfishman @bwebster @stitchfix/runtime-infrastructure
+* @stitchfix/app-platform

data/.github/workflows/scheduled_cci.yml

@@ -0,0 +1,14 @@
+on:
+  schedule:
+    - cron: '53 20 * * 1,2,3,4,5'
+  workflow_dispatch:
+
+jobs:
+  trigger-circleci:
+    runs-on: ubuntu-latest
+    steps:
+      - name: CircleCI trigger on schedule
+        id: step1
+        uses: CircleCI-Public/trigger-circleci-pipeline-action@v1.0.5
+        env:
+          CCI_TOKEN: ${{ secrets.CCI_TOKEN || secrets.CCI_TOKEN_FOR_PUBLIC_REPOS }}

data/.gitignore

@@ -1,6 +1,8 @@
 pkg
 spec/reports
 spec/fake_app/log/
+spec/fake_app/tmp/
+spec/fake_app/db/schema.rb
 .vimrc
 *.sw?
 .idea/
@@ -12,3 +14,4 @@ config/database.yml
 Gemfile.lock
 Gemfile.*.lock
 .projections.json
+*.local

data/.ruby-version

@@ -1 +1 @@
-ruby-2.7.2
+ruby-3.2.3

data/README.md

@@ -1,7 +1,5 @@
 Create Microservices in Rails by pretty much just writing regular Rails code.
 
-![build status](https://travis-ci.org/stitchfix/stitches.svg?branch=master)
-
 This gem provides:
 
 - transparent API key authentication.
@@ -28,9 +26,20 @@ bundle install
 
 Then, set it up:
 
-```
+```bash
 > bin/rails generate stitches:api
-> bundle exec rake db:migrate
+> bin/rails generate stitches:api_migration # only if you're using API key authentication
+> bundle exec rake db:migrate               # only if you're using API key authentication
+```
+
+### Disable API Key Support
+
+If you're not using the API Key authentication feature of the library, configure stitches:
+
+```ruby
+Stitches.configure do |config|
+  config.disable_api_key_support = true
+end
 ```
 
 ### Upgrading from an older version
@@ -54,16 +63,16 @@ how long ago the API key was disabled.
 
 ```ruby
 Stitches.configure do |config|
-  config.disabled_key_leniency_in_seconds = 3 * 24 * 60 * 60 # Time in seconds, defaults to three days 
-  config.disabled_key_leniency_error_log_threshold_in_seconds = 2 * 24 * 60 * 60 # Time in seconds, defaults to two days 
+  config.disabled_key_leniency_in_seconds = 3 * 24 * 60 * 60 # Time in seconds, defaults to three days
+  config.disabled_key_leniency_error_log_threshold_in_seconds = 2 * 24 * 60 * 60 # Time in seconds, defaults to two days
 end
 ```
 
-If a disabled key is used within the `disabled_key_leniency_in_seconds`, it will be allowed. 
+If a disabled key is used within the `disabled_key_leniency_in_seconds`, it will be allowed.
 
-Anytime a disabled key is used a log will be generated. If it is before the 
+Anytime a disabled key is used a log will be generated. If it is before the
 `disabled_key_leniency_error_log_threshold_in_seconds` it will be a warning log message, if it is after that, it will be
-an error message. `disabled_key_leniency_error_log_threshold_in_seconds` should never be a greater number than 
+an error message. `disabled_key_leniency_error_log_threshold_in_seconds` should never be a greater number than
 `disabled_key_leniency_in_seconds`, as this provides an escallating series of warnings before finally disabling access.
 
 - If you are upgrading from a version older than 3.3.0 you need to run three generators, two of which create database

data/lib/stitches/api_generator.rb

@@ -2,14 +2,8 @@ require 'rails/generators'
 
 module Stitches
   class ApiGenerator < Rails::Generators::Base
-    include Rails::Generators::Migration
-
     source_root(File.expand_path(File.join(File.dirname(__FILE__), "generator_files")))
 
-    def self.next_migration_number(path)
-      Time.now.utc.strftime("%Y%m%d%H%M%S")
-    end
-
     desc "Bootstraps your API service with a basic ping controller and spec to ensure everything is setup properly"
     def bootstrap_api
       gem_group :development, :test do
@@ -18,7 +12,7 @@ module Stitches
         gem "rspec_api_documentation"
       end
 
-      Bundler.with_clean_env do
+      Bundler.with_unbundled_env do
         run "bundle install"
       end
       generate "rspec:install"
@@ -44,16 +38,10 @@ end
       copy_file "app/controllers/api/v2.rb"
       copy_file "app/controllers/api/v1/pings_controller.rb"
       copy_file "app/controllers/api/v2/pings_controller.rb"
-      copy_file "app/models/api_client.rb"
       copy_file "config/initializers/stitches.rb"
-      copy_file "lib/tasks/generate_api_key.rake"
       template "spec/features/api_spec.rb.erb", "spec/features/api_spec.rb"
       copy_file "spec/acceptance/ping_v1_spec.rb", "spec/acceptance/ping_v1_spec.rb"
 
-      migration_template "db/migrate/enable_uuid_ossp_extension.rb", "db/migrate/enable_uuid_ossp_extension.rb"
-      sleep 1 # allow clock to tick so we get different numbers
-      migration_template "db/migrate/create_api_clients.rb", "db/migrate/create_api_clients.rb"
-
       inject_into_file 'spec/rails_helper.rb', %q{
 config.include RSpec::Rails::RequestExampleGroup, type: :feature
 }, before: /^end/

data/lib/stitches/api_key.rb

@@ -23,6 +23,8 @@ module Stitches
   protected
 
     def do_call(env)
+      return @app.call(env) if Stitches.configuration.disable_api_key_support
+
       authorization = env["HTTP_AUTHORIZATION"]
       if authorization
         if authorization =~ /#{configuration.custom_http_auth_scheme}\s+key=(.*)\s*$/

data/lib/stitches/api_migration_generator.rb

@@ -0,0 +1,23 @@
+require 'rails/generators'
+
+module Stitches
+  class ApiMigrationGenerator < Rails::Generators::Base
+    include Rails::Generators::Migration
+
+    source_root(File.expand_path(File.join(File.dirname(__FILE__), "generator_files")))
+
+    def self.next_migration_number(path)
+      Time.now.utc.strftime("%Y%m%d%H%M%S")
+    end
+
+    desc "Add a DB backed key storage system for your API service"
+    def bootstrap_api_migration
+      copy_file "app/models/api_client.rb"
+      copy_file "lib/tasks/generate_api_key.rake"
+
+      migration_template "db/migrate/enable_uuid_ossp_extension.rb", "db/migrate/enable_uuid_ossp_extension.rb"
+      sleep 1 # allow clock to tick so we get different numbers
+      migration_template "db/migrate/create_api_clients.rb", "db/migrate/create_api_clients.rb"
+    end
+  end
+end

data/lib/stitches/configuration.rb

@@ -17,9 +17,10 @@ class Stitches::Configuration
     @max_cache_size = NonNullInteger.new("max_cache_size", 0)
     @disabled_key_leniency_in_seconds = ActiveSupport::Duration.days(3)
     @disabled_key_leniency_error_log_threshold_in_seconds = ActiveSupport::Duration.days(2)
+    @disable_api_key_support = false
   end
 
-  attr_accessor :disabled_key_leniency_in_seconds, :disabled_key_leniency_error_log_threshold_in_seconds
+  attr_accessor :disabled_key_leniency_in_seconds, :disabled_key_leniency_error_log_threshold_in_seconds, :disable_api_key_support
 
   # A RegExp that allows URLS around the mime type and api key requirements.
   # nil means that ever request must have a proper mime type and api key.

data/lib/stitches/generator_files/config/initializers/stitches.rb

@@ -8,6 +8,10 @@ Stitches.configure do |configuration|
   # but generally should be a string with no spaces or special characters.
   configuration.custom_http_auth_scheme = "CustomKeyAuth"
 
+  # Disable API Key feature. Enable it to add a database backed API Key auth scheme.
+  # Be sure to run `bin/rails generate stitches:api_migration` after enabling.
+  configuration.disable_api_key_support = true
+
   # Env var that gets the primary key of the authenticated ApiKey
   # for access in your controllers, so they don't need to re-parse the header
   # configuration.env_var_to_hold_api_client_primary_key = "YOUR_ENV_VAR"

data/lib/stitches/generator_files/spec/acceptance/ping_v1_spec.rb

@@ -11,7 +11,8 @@ resource "Ping (V1)" do
     response_field :status, "The status of the ping", scope: "ping", "Type" => "String"
     example "ping the server to validate your client's happy path" do
 
-      header "Authorization", "CustomKeyAuth key=#{api_client.key}"
+      # Only needed if you're using API Key authentication
+      # header "Authorization", "CustomKeyAuth key=#{api_client.key}"
       do_request
 
       result = JSON.parse(response_body)
@@ -33,7 +34,8 @@ resource "Ping (V1)" do
 
     example "ping the server to validate your client's error handling" do
 
-      header "Authorization", "CustomKeyAuth key=#{api_client.key}"
+      # Only needed if you're using API Key authentication
+      # header "Authorization", "CustomKeyAuth key=#{api_client.key}"
       do_request
 
       result = JSON.parse(response_body)

data/lib/stitches/generator_files/spec/features/api_spec.rb.erb

@@ -48,6 +48,8 @@ feature "general API stuff" do
     expect(response).to have_api_error(code: "test", message: "OH NOES!")
   end
 
+<%# Remove always false if statement to enable API Key authentication %>
+<% if false %>
   scenario "no auth header given" do
     headers = TestHeaders.new(api_client: nil)
 <% if ::Rails::VERSION::MAJOR >= 5 -%>
@@ -80,6 +82,7 @@ feature "general API stuff" do
 
     expect(response).to have_auth_error
   end
+<% end %>
 
   scenario "no version" do
     headers = TestHeaders.new(version: nil)