stitches 4.2.2 → 5.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (40) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +175 -209
  3. data/.env.example +1 -0
  4. data/.github/CODEOWNERS +1 -1
  5. data/.github/workflows/scheduled_cci.yml +14 -0
  6. data/.gitignore +3 -0
  7. data/.ruby-version +1 -1
  8. data/README.md +18 -9
  9. data/lib/stitches/api_generator.rb +1 -13
  10. data/lib/stitches/api_key.rb +2 -0
  11. data/lib/stitches/api_migration_generator.rb +23 -0
  12. data/lib/stitches/configuration.rb +2 -1
  13. data/lib/stitches/generator_files/config/initializers/stitches.rb +4 -0
  14. data/lib/stitches/generator_files/spec/acceptance/ping_v1_spec.rb +4 -2
  15. data/lib/stitches/generator_files/spec/features/api_spec.rb.erb +3 -0
  16. data/lib/stitches/railtie.rb +0 -1
  17. data/lib/stitches/spec/test_headers.rb +1 -1
  18. data/lib/stitches/version.rb +1 -1
  19. data/lib/stitches_norailtie.rb +1 -0
  20. data/owners.json +1 -1
  21. data/spec/api_key_middleware_spec.rb +257 -225
  22. data/spec/configuration_spec.rb +4 -0
  23. data/spec/fake_app/.ruby-version +1 -1
  24. data/spec/fake_app/Gemfile +5 -5
  25. data/spec/fake_app/config/application.rb +1 -3
  26. data/spec/fake_app/config/database.yml +9 -10
  27. data/spec/fake_app/config/initializers/assets.rb +0 -3
  28. data/spec/integration/add_to_rails_app_spec.rb +2 -1
  29. data/spec/rails_helper.rb +4 -2
  30. data/stitches.gemspec +2 -1
  31. metadata +21 -15
  32. data/Gemfile.rails-4.2 +0 -8
  33. data/Gemfile.rails-5.0 +0 -8
  34. data/Gemfile.rails-5.1 +0 -7
  35. data/Gemfile.rails-5.2 +0 -7
  36. data/Gemfile.rails-6.0 +0 -7
  37. data/Gemfile.rails-6.1 +0 -7
  38. data/build-matrix.json +0 -4
  39. data/spec/fake_app/db/development.sqlite3 +0 -0
  40. data/spec/fake_app/db/test.sqlite3 +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 31a88657d0835e4d9dae083be3a5351e0cfe719dc0c930def115d0a1d9749849
4
- data.tar.gz: 4f873d97147ef91da025f0f06eb29c0c800f6a2f6410739cc64c7050b17fbb4b
3
+ metadata.gz: 162beab8fe18efd29717c69f7d1ff734ef6822f1355addc8699b4e1079eef741
4
+ data.tar.gz: 9e0d31dc4943c09889b0ddee7226963ed2cf82b13709c0f9f5a0c06603bd1990
5
5
  SHA512:
6
- metadata.gz: 9c78c55c6a88cf128e1d58e9fce561f32f53207c0de2f8ddb107449fe2de2638e73f76e842aece05b1d5431072459bf7747dd736746d7ad81f3c153841f00627
7
- data.tar.gz: 0ae33e523eb0f782f6cdf3a0bc457c8f09fa3a140759e344f8fe07b6a9b209dfcb119df77abe167017a491462bb83db9f10ce7f1aae7d82aa5c8b9b7046ef1bb
6
+ metadata.gz: 15a4b24194f3b19a930b99894d8be0ba7cac737830b50e71e763e3e66df7e944c9615692d0f3b854faeaf422cc8fa82fdb4e73ac025ed7b0ce9ccf4f673af8f0
7
+ data.tar.gz: 62a6dc4a6c5430f9556747ff931cb92d94a55b0d1c943c4b1dbbe53d96e2338cefc57ed7ea0513c52d69f60a8ab1455224be8bfbb5c2dba172c4ef83d3ab60fb
data/.circleci/config.yml CHANGED
@@ -1,225 +1,191 @@
1
- # DO NOT MODIFY - this is managed by Git Reduce in goro
2
- #
3
1
  ---
4
- version: 2
2
+ version: 2.1
3
+ parameters:
4
+ GHA_Event:
5
+ type: string
6
+ default: ""
7
+ GHA_Actor:
8
+ type: string
9
+ default: ""
10
+ GHA_Action:
11
+ type: string
12
+ default: ""
13
+ GHA_Meta:
14
+ type: string
15
+ default: ""
16
+ old_ruby:
17
+ type: string
18
+ default: "3.2.4"
19
+ current_ruby:
20
+ type: string
21
+ default: "3.3.2"
22
+ old_rails:
23
+ type: string
24
+ default: "7.0.8.4"
25
+ current_rails:
26
+ type: string
27
+ default: "7.1.3.4"
28
+
5
29
  jobs:
6
30
  generate-and-push-docs:
7
31
  docker:
8
- - image: circleci/ruby:3.0.0
9
- auth:
10
- username: "$DOCKERHUB_USERNAME"
11
- password: "$DOCKERHUB_PASSWORD"
32
+ - image: cimg/ruby:3.3.2
33
+ auth:
34
+ username: "$DOCKERHUB_USERNAME"
35
+ password: "$DOCKERHUB_PASSWORD"
12
36
  steps:
13
- - checkout
14
- - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
15
- - run: bundle install --full-index
16
- - run:
17
- name: Generate documentation
18
- command: ' if [[ $(bundle exec rake -T docs:generate:custom) ]]; then echo
19
- "Generating docs using rake task docs:generate:custom" ; bundle exec rake
20
- docs:generate:custom ; elif [[ $(bundle exec rake -T docs:generate) ]];
21
- then echo "Generating docs using rake task docs:generate" ; bundle exec
22
- rake docs:generate ; else echo "Skipping doc generation" ; exit 0 ; fi '
23
- - run:
24
- name: Push documentation to Unwritten
25
- command: if [[ $(bundle exec rake -T docs:push) ]]; then bundle exec rake
26
- docs:push; fi
37
+ - checkout
38
+ - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
39
+ - run: bundle install
40
+ - run:
41
+ name: Generate documentation
42
+ command:
43
+ ' if [[ $(bundle exec rake -T docs:generate:custom) ]]; then echo
44
+ "Generating docs using rake task docs:generate:custom" ; bundle exec rake
45
+ docs:generate:custom ; elif [[ $(bundle exec rake -T docs:generate) ]];
46
+ then echo "Generating docs using rake task docs:generate" ; bundle exec
47
+ rake docs:generate ; else echo "Skipping doc generation" ; exit 0 ; fi '
48
+ - run:
49
+ name: Push documentation to Unwritten
50
+ command:
51
+ if [[ $(bundle exec rake -T docs:push) ]]; then bundle exec rake
52
+ docs:push; fi
27
53
  release:
28
54
  docker:
29
- - image: circleci/ruby:3.0.0
30
- auth:
31
- username: "$DOCKERHUB_USERNAME"
32
- password: "$DOCKERHUB_PASSWORD"
55
+ - image: cimg/ruby:3.3.2
56
+ auth:
57
+ username: "$DOCKERHUB_USERNAME"
58
+ password: "$DOCKERHUB_PASSWORD"
33
59
  steps:
34
- - checkout
35
- - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
36
- - run: bundle install --full-index
37
- - run:
38
- name: Artifactory login
39
- command: mkdir -p ~/.gem && curl -u$ARTIFACTORY_USER:$ARTIFACTORY_TOKEN https://stitchfix01.jfrog.io/stitchfix01/api/gems/eng-gems/api/v1/api_key.yaml
40
- > ~/.gem/credentials && chmod 0600 ~/.gem/credentials
41
- - run:
42
- name: Build/release gem to artifactory
43
- command: bundle exec rake push_artifactory
44
- ruby-3.0.0-rails-6.1:
60
+ - checkout
61
+ - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
62
+ - run: bundle install
63
+ - run:
64
+ name: Artifactory login
65
+ command:
66
+ mkdir -p ~/.gem && curl -u$ARTIFACTORY_USER:$ARTIFACTORY_TOKEN https://stitchfix01.jfrog.io/stitchfix01/api/gems/eng-gems/api/v1/api_key.yaml
67
+ > ~/.gem/credentials && chmod 0600 ~/.gem/credentials
68
+ - run:
69
+ name: Build/release gem to artifactory
70
+ command: bundle exec rake push_artifactory
71
+ test:
72
+ parameters:
73
+ ruby-version:
74
+ type: string
75
+ default: ""
76
+ rails-version:
77
+ type: string
78
+ default: ""
45
79
  docker:
46
- - image: circleci/ruby:3.0.0
47
- auth:
48
- username: "$DOCKERHUB_USERNAME"
49
- password: "$DOCKERHUB_PASSWORD"
50
- environment:
51
- BUNDLE_GEMFILE: Gemfile.rails-6.1
80
+ - image: cimg/ruby:<< parameters.ruby-version >>
81
+ auth:
82
+ username: "$DOCKERHUB_USERNAME"
83
+ password: "$DOCKERHUB_PASSWORD"
84
+ - image: cimg/postgres:13.3
85
+ environment:
86
+ POSTGRES_HOST_AUTH_METHOD: trust
87
+ auth:
88
+ username: "$DOCKERHUB_USERNAME"
89
+ password: "$DOCKERHUB_PASSWORD"
52
90
  working_directory: "~/stitches"
91
+ environment:
92
+ DATABASE_URL: "postgres://postgres:@localhost:5432/stitches_fake_app_test"
53
93
  steps:
54
- - checkout
55
- - run:
56
- name: Check for Gemfile.lock presence
57
- command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
58
- https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
59
- 1>&2 ; exit 1 ; else exit 0 ; fi '
60
- - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
61
- - run: bundle install --full-index
62
- - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
63
- --format=doc
64
- - run:
65
- name: Run Additional CI Steps
66
- command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
67
- fi
68
- - run:
69
- name: Notify Pager Duty
70
- command: bundle exec y-notify "#eng-runtime-alerts"
71
- when: on_fail
72
- - store_test_results:
73
- path: "/tmp/test-results"
74
- ruby-2.7.2-rails-6.1:
75
- docker:
76
- - image: circleci/ruby:2.7.2
77
- auth:
78
- username: "$DOCKERHUB_USERNAME"
79
- password: "$DOCKERHUB_PASSWORD"
80
- environment:
81
- BUNDLE_GEMFILE: Gemfile.rails-6.1
82
- working_directory: "~/stitches"
83
- steps:
84
- - checkout
85
- - run:
86
- name: Check for Gemfile.lock presence
87
- command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
88
- https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
89
- 1>&2 ; exit 1 ; else exit 0 ; fi '
90
- - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
91
- - run: bundle install --full-index
92
- - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
93
- --format=doc
94
- - run:
95
- name: Run Additional CI Steps
96
- command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
97
- fi
98
- - run:
99
- name: Notify Pager Duty
100
- command: bundle exec y-notify "#eng-runtime-alerts"
101
- when: on_fail
102
- - store_test_results:
103
- path: "/tmp/test-results"
104
- ruby-3.0.0-rails-6.0:
105
- docker:
106
- - image: circleci/ruby:3.0.0
107
- auth:
108
- username: "$DOCKERHUB_USERNAME"
109
- password: "$DOCKERHUB_PASSWORD"
110
- environment:
111
- BUNDLE_GEMFILE: Gemfile.rails-6.0
112
- working_directory: "~/stitches"
113
- steps:
114
- - checkout
115
- - run:
116
- name: Check for Gemfile.lock presence
117
- command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
118
- https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
119
- 1>&2 ; exit 1 ; else exit 0 ; fi '
120
- - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
121
- - run: bundle install --full-index
122
- - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
123
- --format=doc
124
- - run:
125
- name: Run Additional CI Steps
126
- command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
127
- fi
128
- - run:
129
- name: Notify Pager Duty
130
- command: bundle exec y-notify "#eng-runtime-alerts"
131
- when: on_fail
132
- - store_test_results:
133
- path: "/tmp/test-results"
134
- ruby-2.7.2-rails-6.0:
135
- docker:
136
- - image: circleci/ruby:2.7.2
137
- auth:
138
- username: "$DOCKERHUB_USERNAME"
139
- password: "$DOCKERHUB_PASSWORD"
140
- environment:
141
- BUNDLE_GEMFILE: Gemfile.rails-6.0
142
- working_directory: "~/stitches"
143
- steps:
144
- - checkout
145
- - run:
146
- name: Check for Gemfile.lock presence
147
- command: ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
148
- https://github.com/stitchfix/eng-wiki/blob/master/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
149
- 1>&2 ; exit 1 ; else exit 0 ; fi '
150
- - run: bundle config stitchfix01.jfrog.io $ARTIFACTORY_USER:$ARTIFACTORY_TOKEN
151
- - run: bundle install --full-index
152
- - run: bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
153
- --format=doc
154
- - run:
155
- name: Run Additional CI Steps
156
- command: if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
157
- fi
158
- - run:
159
- name: Notify Pager Duty
160
- command: bundle exec y-notify "#eng-runtime-alerts"
161
- when: on_fail
162
- - store_test_results:
163
- path: "/tmp/test-results"
94
+ - checkout
95
+ - run:
96
+ name: Check for Gemfile.lock presence
97
+ command:
98
+ ' if (test -f Gemfile.lock) then echo "Dont commit Gemfile.lock (see
99
+ https://github.com/stitchfix/eng-wiki/blob/main/architecture-decisions/0009-rubygem-dependencies-will-be-managed-more-explicitly.md)"
100
+ 1>&2 ; exit 1 ; else exit 0 ; fi '
101
+ - run:
102
+ command: echo "ruby-<< parameters.ruby-version >>" > .ruby-version
103
+ working_directory: spec/fake_app
104
+ - run:
105
+ command: sed -i "s/gem 'rails'.*/gem 'rails', '~> << parameters.rails-version >>'/" Gemfile
106
+ working_directory: spec/fake_app
107
+ - run:
108
+ command: sed -i "s/^ruby.*/ruby '<< parameters.ruby-version >>'/" Gemfile
109
+ working_directory: spec/fake_app
110
+ - run:
111
+ command: bundle install
112
+ working_directory: spec/fake_app
113
+ - run:
114
+ command: bundle exec rake db:create db:migrate --trace
115
+ working_directory: spec/fake_app
116
+ - run: echo "gem 'rails', '~> << parameters.rails-version >>'" >> Gemfile
117
+ - run: echo "ruby-<< parameters.ruby-version >>" > .ruby-version
118
+ - run: bundle install
119
+ - run:
120
+ bundle exec rspec --format RspecJunitFormatter --out /tmp/test-results/rspec.xml
121
+ --format=doc
122
+ - run:
123
+ name: Run Additional CI Steps
124
+ command:
125
+ if [ -e bin/additional-ci-steps ]; then bin/additional-ci-steps;
126
+ fi
127
+ - run:
128
+ name: Notify Pager Duty
129
+ command: bundle exec y-notify "#app-platform-ops"
130
+ when: on_fail
131
+ - store_test_results:
132
+ path: "/tmp/test-results"
133
+
164
134
  workflows:
165
- version: 2
166
135
  on-commit:
136
+ unless:
137
+ equal: ["schedule", << pipeline.parameters.GHA_Event >>]
167
138
  jobs:
168
- - release:
169
- context: org-global
170
- requires:
171
- - ruby-3.0.0-rails-6.1
172
- - ruby-2.7.2-rails-6.1
173
- - ruby-3.0.0-rails-6.0
174
- - ruby-2.7.2-rails-6.0
175
- filters:
176
- tags:
177
- only: /^[0-9]+\.[0-9]+\.[0-9]+(\.?(RC|rc)[-\.]?\w*)?$/
178
- branches:
179
- ignore: /.*/
180
- - generate-and-push-docs:
181
- context: org-global
182
- requires:
183
- - release
184
- filters:
185
- tags:
186
- only: /^[0-9]+\.[0-9]+\.[0-9]+(\.?(RC|rc)[-\.]?\w*)?$/
187
- branches:
188
- ignore: /.*/
189
- - ruby-3.0.0-rails-6.1:
190
- context: org-global
191
- filters:
192
- tags:
193
- only: &1 /.*/
194
- - ruby-2.7.2-rails-6.1:
195
- context: org-global
196
- filters:
197
- tags:
198
- only: *1
199
- - ruby-3.0.0-rails-6.0:
200
- context: org-global
201
- filters:
202
- tags:
203
- only: *1
204
- - ruby-2.7.2-rails-6.0:
205
- context: org-global
206
- filters:
207
- tags:
208
- only: *1
139
+ - release:
140
+ context: org-global
141
+ requires:
142
+ - test
143
+ filters:
144
+ tags:
145
+ only: "/^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:(-|\\.)(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$/"
146
+ branches:
147
+ ignore: /.*/
148
+ - generate-and-push-docs:
149
+ context: org-global
150
+ requires:
151
+ - release
152
+ filters:
153
+ tags:
154
+ only: "/^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:(-|\\.)(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$/"
155
+ branches:
156
+ ignore: /.*/
157
+ - test:
158
+ matrix:
159
+ parameters:
160
+ ruby-version:
161
+ [
162
+ "<< pipeline.parameters.old_ruby >>",
163
+ "<< pipeline.parameters.current_ruby >>",
164
+ ]
165
+ rails-version:
166
+ [
167
+ "<< pipeline.parameters.old_rails >>",
168
+ "<< pipeline.parameters.current_rails >>",
169
+ ]
170
+ context: org-global
171
+ filters:
172
+ tags:
173
+ only: /.*/
209
174
  scheduled:
210
- triggers:
211
- - schedule:
212
- cron: 53 20 * * 1,2,3,4,5
213
- filters:
214
- branches:
215
- only:
216
- - master
175
+ when:
176
+ equal: ["schedule", << pipeline.parameters.GHA_Event >>]
217
177
  jobs:
218
- - ruby-3.0.0-rails-6.1:
219
- context: org-global
220
- - ruby-2.7.2-rails-6.1:
221
- context: org-global
222
- - ruby-3.0.0-rails-6.0:
223
- context: org-global
224
- - ruby-2.7.2-rails-6.0:
225
- context: org-global
178
+ - test:
179
+ context: org-global
180
+ matrix:
181
+ parameters:
182
+ ruby-version:
183
+ [
184
+ "<< pipeline.parameters.old_ruby >>",
185
+ "<< pipeline.parameters.current_ruby >>",
186
+ ]
187
+ rails-version:
188
+ [
189
+ "<< pipeline.parameters.old_rails >>",
190
+ "<< pipeline.parameters.current_rails >>",
191
+ ]
data/.env.example ADDED
@@ -0,0 +1 @@
1
+ DATABASE_URL="postgres://postgres:@localhost:5432/stitches_fake_app_development"
data/.github/CODEOWNERS CHANGED
@@ -8,4 +8,4 @@
8
8
  # This file uses the GitHub CODEOWNERS convention to assign PR reviewers:
9
9
  # https://help.github.com/articles/about-codeowners/
10
10
 
11
- * @brettfishman @bwebster @stitchfix/runtime-infrastructure
11
+ * @stitchfix/app-platform
@@ -0,0 +1,14 @@
1
+ on:
2
+ schedule:
3
+ - cron: '53 20 * * 1,2,3,4,5'
4
+ workflow_dispatch:
5
+
6
+ jobs:
7
+ trigger-circleci:
8
+ runs-on: ubuntu-latest
9
+ steps:
10
+ - name: CircleCI trigger on schedule
11
+ id: step1
12
+ uses: CircleCI-Public/trigger-circleci-pipeline-action@v1.0.5
13
+ env:
14
+ CCI_TOKEN: ${{ secrets.CCI_TOKEN || secrets.CCI_TOKEN_FOR_PUBLIC_REPOS }}
data/.gitignore CHANGED
@@ -1,6 +1,8 @@
1
1
  pkg
2
2
  spec/reports
3
3
  spec/fake_app/log/
4
+ spec/fake_app/tmp/
5
+ spec/fake_app/db/schema.rb
4
6
  .vimrc
5
7
  *.sw?
6
8
  .idea/
@@ -12,3 +14,4 @@ config/database.yml
12
14
  Gemfile.lock
13
15
  Gemfile.*.lock
14
16
  .projections.json
17
+ *.local
data/.ruby-version CHANGED
@@ -1 +1 @@
1
- ruby-2.7.2
1
+ ruby-3.2.3
data/README.md CHANGED
@@ -1,7 +1,5 @@
1
1
  Create Microservices in Rails by pretty much just writing regular Rails code.
2
2
 
3
- ![build status](https://travis-ci.org/stitchfix/stitches.svg?branch=master)
4
-
5
3
  This gem provides:
6
4
 
7
5
  - transparent API key authentication.
@@ -28,9 +26,20 @@ bundle install
28
26
 
29
27
  Then, set it up:
30
28
 
31
- ```
29
+ ```bash
32
30
  > bin/rails generate stitches:api
33
- > bundle exec rake db:migrate
31
+ > bin/rails generate stitches:api_migration # only if you're using API key authentication
32
+ > bundle exec rake db:migrate # only if you're using API key authentication
33
+ ```
34
+
35
+ ### Disable API Key Support
36
+
37
+ If you're not using the API Key authentication feature of the library, configure stitches:
38
+
39
+ ```ruby
40
+ Stitches.configure do |config|
41
+ config.disable_api_key_support = true
42
+ end
34
43
  ```
35
44
 
36
45
  ### Upgrading from an older version
@@ -54,16 +63,16 @@ how long ago the API key was disabled.
54
63
 
55
64
  ```ruby
56
65
  Stitches.configure do |config|
57
- config.disabled_key_leniency_in_seconds = 3 * 24 * 60 * 60 # Time in seconds, defaults to three days
58
- config.disabled_key_leniency_error_log_threshold_in_seconds = 2 * 24 * 60 * 60 # Time in seconds, defaults to two days
66
+ config.disabled_key_leniency_in_seconds = 3 * 24 * 60 * 60 # Time in seconds, defaults to three days
67
+ config.disabled_key_leniency_error_log_threshold_in_seconds = 2 * 24 * 60 * 60 # Time in seconds, defaults to two days
59
68
  end
60
69
  ```
61
70
 
62
- If a disabled key is used within the `disabled_key_leniency_in_seconds`, it will be allowed.
71
+ If a disabled key is used within the `disabled_key_leniency_in_seconds`, it will be allowed.
63
72
 
64
- Anytime a disabled key is used a log will be generated. If it is before the
73
+ Anytime a disabled key is used a log will be generated. If it is before the
65
74
  `disabled_key_leniency_error_log_threshold_in_seconds` it will be a warning log message, if it is after that, it will be
66
- an error message. `disabled_key_leniency_error_log_threshold_in_seconds` should never be a greater number than
75
+ an error message. `disabled_key_leniency_error_log_threshold_in_seconds` should never be a greater number than
67
76
  `disabled_key_leniency_in_seconds`, as this provides an escallating series of warnings before finally disabling access.
68
77
 
69
78
  - If you are upgrading from a version older than 3.3.0 you need to run three generators, two of which create database
@@ -2,14 +2,8 @@ require 'rails/generators'
2
2
 
3
3
  module Stitches
4
4
  class ApiGenerator < Rails::Generators::Base
5
- include Rails::Generators::Migration
6
-
7
5
  source_root(File.expand_path(File.join(File.dirname(__FILE__), "generator_files")))
8
6
 
9
- def self.next_migration_number(path)
10
- Time.now.utc.strftime("%Y%m%d%H%M%S")
11
- end
12
-
13
7
  desc "Bootstraps your API service with a basic ping controller and spec to ensure everything is setup properly"
14
8
  def bootstrap_api
15
9
  gem_group :development, :test do
@@ -18,7 +12,7 @@ module Stitches
18
12
  gem "rspec_api_documentation"
19
13
  end
20
14
 
21
- Bundler.with_clean_env do
15
+ Bundler.with_unbundled_env do
22
16
  run "bundle install"
23
17
  end
24
18
  generate "rspec:install"
@@ -44,16 +38,10 @@ end
44
38
  copy_file "app/controllers/api/v2.rb"
45
39
  copy_file "app/controllers/api/v1/pings_controller.rb"
46
40
  copy_file "app/controllers/api/v2/pings_controller.rb"
47
- copy_file "app/models/api_client.rb"
48
41
  copy_file "config/initializers/stitches.rb"
49
- copy_file "lib/tasks/generate_api_key.rake"
50
42
  template "spec/features/api_spec.rb.erb", "spec/features/api_spec.rb"
51
43
  copy_file "spec/acceptance/ping_v1_spec.rb", "spec/acceptance/ping_v1_spec.rb"
52
44
 
53
- migration_template "db/migrate/enable_uuid_ossp_extension.rb", "db/migrate/enable_uuid_ossp_extension.rb"
54
- sleep 1 # allow clock to tick so we get different numbers
55
- migration_template "db/migrate/create_api_clients.rb", "db/migrate/create_api_clients.rb"
56
-
57
45
  inject_into_file 'spec/rails_helper.rb', %q{
58
46
  config.include RSpec::Rails::RequestExampleGroup, type: :feature
59
47
  }, before: /^end/
@@ -23,6 +23,8 @@ module Stitches
23
23
  protected
24
24
 
25
25
  def do_call(env)
26
+ return @app.call(env) if Stitches.configuration.disable_api_key_support
27
+
26
28
  authorization = env["HTTP_AUTHORIZATION"]
27
29
  if authorization
28
30
  if authorization =~ /#{configuration.custom_http_auth_scheme}\s+key=(.*)\s*$/
@@ -0,0 +1,23 @@
1
+ require 'rails/generators'
2
+
3
+ module Stitches
4
+ class ApiMigrationGenerator < Rails::Generators::Base
5
+ include Rails::Generators::Migration
6
+
7
+ source_root(File.expand_path(File.join(File.dirname(__FILE__), "generator_files")))
8
+
9
+ def self.next_migration_number(path)
10
+ Time.now.utc.strftime("%Y%m%d%H%M%S")
11
+ end
12
+
13
+ desc "Add a DB backed key storage system for your API service"
14
+ def bootstrap_api_migration
15
+ copy_file "app/models/api_client.rb"
16
+ copy_file "lib/tasks/generate_api_key.rake"
17
+
18
+ migration_template "db/migrate/enable_uuid_ossp_extension.rb", "db/migrate/enable_uuid_ossp_extension.rb"
19
+ sleep 1 # allow clock to tick so we get different numbers
20
+ migration_template "db/migrate/create_api_clients.rb", "db/migrate/create_api_clients.rb"
21
+ end
22
+ end
23
+ end
@@ -17,9 +17,10 @@ class Stitches::Configuration
17
17
  @max_cache_size = NonNullInteger.new("max_cache_size", 0)
18
18
  @disabled_key_leniency_in_seconds = ActiveSupport::Duration.days(3)
19
19
  @disabled_key_leniency_error_log_threshold_in_seconds = ActiveSupport::Duration.days(2)
20
+ @disable_api_key_support = false
20
21
  end
21
22
 
22
- attr_accessor :disabled_key_leniency_in_seconds, :disabled_key_leniency_error_log_threshold_in_seconds
23
+ attr_accessor :disabled_key_leniency_in_seconds, :disabled_key_leniency_error_log_threshold_in_seconds, :disable_api_key_support
23
24
 
24
25
  # A RegExp that allows URLS around the mime type and api key requirements.
25
26
  # nil means that ever request must have a proper mime type and api key.
@@ -8,6 +8,10 @@ Stitches.configure do |configuration|
8
8
  # but generally should be a string with no spaces or special characters.
9
9
  configuration.custom_http_auth_scheme = "CustomKeyAuth"
10
10
 
11
+ # Disable API Key feature. Enable it to add a database backed API Key auth scheme.
12
+ # Be sure to run `bin/rails generate stitches:api_migration` after enabling.
13
+ configuration.disable_api_key_support = true
14
+
11
15
  # Env var that gets the primary key of the authenticated ApiKey
12
16
  # for access in your controllers, so they don't need to re-parse the header
13
17
  # configuration.env_var_to_hold_api_client_primary_key = "YOUR_ENV_VAR"
@@ -11,7 +11,8 @@ resource "Ping (V1)" do
11
11
  response_field :status, "The status of the ping", scope: "ping", "Type" => "String"
12
12
  example "ping the server to validate your client's happy path" do
13
13
 
14
- header "Authorization", "CustomKeyAuth key=#{api_client.key}"
14
+ # Only needed if you're using API Key authentication
15
+ # header "Authorization", "CustomKeyAuth key=#{api_client.key}"
15
16
  do_request
16
17
 
17
18
  result = JSON.parse(response_body)
@@ -33,7 +34,8 @@ resource "Ping (V1)" do
33
34
 
34
35
  example "ping the server to validate your client's error handling" do
35
36
 
36
- header "Authorization", "CustomKeyAuth key=#{api_client.key}"
37
+ # Only needed if you're using API Key authentication
38
+ # header "Authorization", "CustomKeyAuth key=#{api_client.key}"
37
39
  do_request
38
40
 
39
41
  result = JSON.parse(response_body)
@@ -48,6 +48,8 @@ feature "general API stuff" do
48
48
  expect(response).to have_api_error(code: "test", message: "OH NOES!")
49
49
  end
50
50
 
51
+ <%# Remove always false if statement to enable API Key authentication %>
52
+ <% if false %>
51
53
  scenario "no auth header given" do
52
54
  headers = TestHeaders.new(api_client: nil)
53
55
  <% if ::Rails::VERSION::MAJOR >= 5 -%>
@@ -80,6 +82,7 @@ feature "general API stuff" do
80
82
 
81
83
  expect(response).to have_auth_error
82
84
  end
85
+ <% end %>
83
86
 
84
87
  scenario "no version" do
85
88
  headers = TestHeaders.new(version: nil)