Sha256: 3897602d2aebda158642bc477273a5f0ddc63d37628f6d6987482e314caae82f

Contents?: true

Size: 858 Bytes

Versions: 1

Compression:

Stored size: 858 Bytes

Contents

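# Controller concern that gates every action behind a shared request token.
#
# Including this module registers +authorize!+ as a before filter, so each
# request is checked before its action runs. The token is read from the
# +request_token+ parameter or the +X-Request-Token+ header and handed to an
# authorizer object: the including controller's own +authorizer+ method when it
# defines one, otherwise +DefaultAuthorizer+.
#
# Security notes:
# * Rejected requests are logged WITHOUT the presented token. A rejected value
#   is frequently a mistyped or recently rotated real credential, and log
#   stores are usually readable by far more people than the secret is.
# * The token is still accepted from the query string / body for backward
#   compatibility; see +authorize_request_token+ for the caveat.
module ElocalApiSupport::Authorization
  extend ActiveSupport::Concern

  included do
    # NOTE: +before_filter+ is the pre-Rails-5.1 callback name; it is kept
    # because the Rails versions this gem targets are not visible from here.
    before_filter :authorize!
  end

  protected

  # Asks the resolved authorizer whether the presented token is acceptable.
  #
  # NOTE(review): the comparison itself lives in the authorizer, which is not
  # part of this file. Confirm it compares secrets in constant time and
  # rejects a nil/blank token outright.
  #
  # @return [Object] whatever the authorizer's +authorize+ returns (used as a
  #   truthy/falsy value by +authorize!+)
  def authorized?
    find_authorizer.authorize(authorize_request_token)
  end

  # Resolves the authorizer for this controller.
  #
  # A controller may supply its own by defining an +authorizer+ method (public,
  # protected or private; hence +respond_to?(..., true)+ and +send+). The
  # method name is a fixed symbol, never request data.
  #
  # @return [Object] the controller's authorizer, or a +DefaultAuthorizer+
  #   built around this controller
  def find_authorizer
    return send(:authorizer) if respond_to?(:authorizer, true)

    DefaultAuthorizer.new(self)
  end

  # Body returned to rejected callers. Despite the name, this is already a
  # JSON string, not a Hash.
  #
  # @return [String] JSON document with a generic +error+ message
  def error_response_hash
    { error: 'You are not an authorized user!' }.to_json
  end

  # Before filter: rejects the request with HTTP 401 unless it is authorized.
  #
  # Rendering inside a before filter halts the callback chain, so the action
  # never runs for a rejected request. The rejection is logged at warn level
  # with the parameter hash and the header names, but never with the token.
  #
  # @return [void]
  def authorize!
    return if authorized?

    # Record only whether a token was supplied. Interpolating the raw value
    # would store a credential in the log and would also place an
    # attacker-controlled, unescaped string into the log line.
    token_state = authorize_request_token.present? ? '[FILTERED]' : '[MISSING]'

    # filtered_parameters applies the application's configured parameter
    # filters; request_token is dropped explicitly in case the host
    # application has not listed it there.
    safe_params = request.filtered_parameters.reject { |key, _value| key.to_s == 'request_token' }

    # Header names only: the values would include the X-Request-Token header.
    header_names = request.headers.map { |name, _value| name }

    Rails.logger.warn(
      "Somebody else tried to access our internal API!  Value: #{token_state} " \
      "Params: #{safe_params}, Headers: #{header_names}"
    )
    render json: error_response_hash, status: 401
  end

  # Extracts the token presented by the caller.
  #
  # The +request_token+ parameter is checked first, then the
  # +X-Request-Token+ header; the first non-blank value wins.
  #
  # Caveat: a token sent as a query-string parameter is written to web-server
  # and proxy access logs and can be carried in Referer headers. Clients
  # should send the header; the parameter is kept only so existing callers
  # keep working.
  #
  # @return [String, nil] the presented token, or nil when neither source
  #   carries a non-blank value
  def authorize_request_token
    [params[:request_token], request.headers["HTTP_X_REQUEST_TOKEN"]].detect(&:present?)
  end
end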

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
elocal_api_support-0.1.2 lib/elocal_api_support/authorization.rb