Sha256: 5840649065f8c79fe0df6f7699a5f22139dbba20ad56d039b6a7ee438e5df87a

Contents?: true

Size: 914 Bytes

Versions: 7

Compression:

Stored size: 914 Bytes

Contents

module ElocalApiSupport::Authorization
  extend ActiveSupport::Concern

  included do
    before_action :authorize!
  end

  protected

  def authorized?
    find_authorizer.authorize(authorize_request_token)
  end

  def find_authorizer
    if respond_to?(:authorizer, true)
      send(:authorizer)
    else
      DefaultAuthorizer.new(self)
    end
  end

  def error_response_hash
    { error: 'You are not an authorized user!' }.to_json
  end

  def authorize!
    return if authorized?

    Rails.logger.warn(
      format(
        'Somebody else tried to access our internal API!  Value: %s Params: %s, Headers: %s',
        authorize_request_token,
        params,
        request.headers.map { |k, _v| k }
      )
    )
    render json: error_response_hash, status: 401
  end

  def authorize_request_token
    [params[:request_token], request.headers['HTTP_X_REQUEST_TOKEN']].detect(&:present?)
  end
end

Version data entries

7 entries across 7 versions & 1 rubygems

Version Path
elocal_api_support-1.3.0 lib/elocal_api_support/authorization.rb
elocal_api_support-1.2.0 lib/elocal_api_support/authorization.rb
elocal_api_support-1.1.0 lib/elocal_api_support/authorization.rb
elocal_api_support-1.0.0 lib/elocal_api_support/authorization.rb
elocal_api_support-0.1.10 lib/elocal_api_support/authorization.rb
elocal_api_support-0.1.9 lib/elocal_api_support/authorization.rb
elocal_api_support-0.1.8 lib/elocal_api_support/authorization.rb