# DvelpApiAuth

This gem provides an ability to auth through api

## Installation

Add this line to your application's Gemfile:

```ruby
gem 'dvelp_api_auth'
```

And then execute:

    $ bundle

Or install it yourself as:

    $ gem install dvelp_api_auth

## Usage

Set the secret key for the API:

```ruby
# config/initializers/dvelp_api_auth.rb

DvelpApiAuth.configure do |config|
  config.api_auth_secret_key = 'strong secret'
end
```

## Development

After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).

## Integration with API

#### Example of generating headers on JS

In this example we used [crypto-js](https://www.npmjs.com/package/crypto-js) javascript library.

```javascript
// Require library
const CryptoJS = require("crypto-js");

// Secret key
const DVELP_API_AUTH_SECRET_KEY = 'dvelp-api-auth-secret-key';

// Value for AUTHORISATION header
const generateAuthHeader = (timestamp) => {
  const path = '/path-to-action'; // (URI) example '/api/resources/:id'
  const path_utf8 = CryptoJS.enc.Utf8.parse(path);
  const string = timestamp + CryptoJS.enc.Base64.stringify(path_utf8);

  return CryptoJS.HmacSHA256(string, DVELP_API_AUTH_SECRET_KEY);
};

// Time of the request
const timestamp = Math.floor(Date.now() / 1000);

// Headers which we send with every request
{
  'ACCEPT': 'application/vnd.api+json',
  'TIMESTAMP': timestamp,
  'AUTHORISATION': generateAuthHeader(timestamp)
}
```

## Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/dvelp_api_auth.