62 lines
1.4 KiB
Ruby
62 lines
1.4 KiB
Ruby
module API
|
|
class ApplicationController < ::ApplicationController
|
|
rescue_from ActiveRecord::RecordNotFound, with: :not_found
|
|
|
|
skip_before_filter :verify_authenticity_token
|
|
skip_before_filter :authenticate!, only: %i[cor_preflight ping]
|
|
|
|
before_filter :cor_filter
|
|
before_filter :json_filter!, except: :cor_preflight
|
|
|
|
def not_found
|
|
head :not_found
|
|
end
|
|
|
|
def cor_filter
|
|
headers['Access-Control-Allow-Origin'] = request.headers['Origin'] ?
|
|
request.headers['Origin'] :
|
|
''
|
|
headers['Access-Control-Allow-Credentials'] = 'true'
|
|
headers['Access-Control-Expose-Headers'] = 'Content-Length'
|
|
end
|
|
|
|
def cor_preflight
|
|
headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE'
|
|
headers['Access-Control-Allow-Headers'] =
|
|
'Content-Type, Content-Length, X-Requested-With'
|
|
|
|
head :ok
|
|
end
|
|
|
|
def ping
|
|
ping_response
|
|
end
|
|
|
|
def ping_auth
|
|
ping_response
|
|
end
|
|
|
|
def authenticate!
|
|
if key = authenticate_with_http_token { |t| Key.authenticate(t) }
|
|
self.current_user = key.user
|
|
end
|
|
head :unauthorized if current_user.nil?
|
|
end
|
|
|
|
def json_filter!
|
|
if request.format.json? || request.accepts.include?(:json)
|
|
request.format = :json
|
|
else
|
|
head :not_acceptable, content_type: 'application/json'
|
|
end
|
|
end
|
|
|
|
|
|
private
|
|
|
|
def ping_response
|
|
render json: { pong: true }
|
|
end
|
|
end
|
|
end
|