44 lines
1.1 KiB
Ruby
44 lines
1.1 KiB
Ruby
module API
|
|
class ApplicationController < ::ApplicationController
|
|
rescue_from ActiveRecord::RecordNotFound, with: :not_found
|
|
|
|
skip_before_filter :verify_authenticity_token
|
|
skip_before_filter :authenticate!, only: :cor_preflight
|
|
|
|
before_filter :cor_filter
|
|
before_filter :json_filter!
|
|
|
|
def not_found
|
|
head :not_found
|
|
end
|
|
|
|
def cor_filter
|
|
headers['Access-Control-Allow-Origin'] = request.headers['Origin'] ?
|
|
request.headers['Origin'] :
|
|
''
|
|
headers['Access-Control-Allow-Credentials'] = 'true'
|
|
headers['Access-Control-Expose-Headers'] = 'Content-Length'
|
|
end
|
|
|
|
def cor_preflight
|
|
headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE'
|
|
headers['Access-Control-Allow-Headers'] =
|
|
'Content-Type, Content-Length, X-Requested-With'
|
|
|
|
head :ok
|
|
end
|
|
|
|
def ping
|
|
render json: { pong: 'ok' }
|
|
end
|
|
|
|
def authenticate!
|
|
head :unauthorized if current_user.nil?
|
|
end
|
|
|
|
def json_filter!
|
|
head :not_acceptable if request.format != :json
|
|
end
|
|
end
|
|
end
|