= Rack::API
Create web app APIs that respond to one or more formats using an elegant DSL.
== Installation
gem install rack-api
== Usage
=== Basic example
Rack::API.app do
prefix "api"
version :v1 do
get "users(.:format)" do
User.all
end
get "users/:id(.:format)" do
User.find(params[:id])
end
end
end
=== Rails Integration
First, set up your Gemfile like this:
gem "rack-api", "~> 0.1.0", :require => "rack/api"
Create your API somewhere. In this example, we'll add it to lib/api.rb.
Rack::API.app do
prefix "api"
version :v1 do
get "status(.:format)" do
{:success => true, :time => Time.now}
end
end
end
Load this file somehow. I'd create a config/initializers/dependencies.rb with something like
require "lib/api"
Finally, you can set up the API routing. Open config/routes.rb and add the following line:
mount Rack::API => "/"
If you define your API by inheriting from the Rack::API class, remember to mount your class instead.
mount MyAPI => "/"
For additional examples, see https://github.com/fnando/rack-api/tree/master/examples.
=== Using RSpec with Rack::API
You can easily test Rack::API apps by using Rack::Test. This applies to both RSpec and Test Unit. See what you need to do if you want to use it with RSpec.
First, open your spec/spec_helper.rb and add something like this:
require "rspec"
require "rack/test"
RSpec.configure do |config|
config.include Rack::Test::Methods
end
Then you can go to your spec file, say, spec/api_spec.rb. You need to define a helper method called +app+, which will point to your Rack::API (the class itself or your own class).
require "spec_helper"
describe Rack::API do
# Remember to use your own class if you
# inherited from Rack::API
def app; Rack::API; end
it "renders status page" do
get "/api/v1/status"
last_response.body.should == {:status => "running"}.to_json
last_response.status.should == 200
end
end
If you want to do expectations over basic authentication, you'll have some like this:
require "spec_helper"
describe Rack::API do
def basic_auth(username, password)
"Basic " + Base64.encode64("#{username}:#{password}")
end
it "requires authentication" do
get "/api/v1/status"
last_response.status.should == 401
end
it "grants access" do
get "/api/v1/status", {"HTTP_AUTHORIZATION" => basic_auth("john", "test")}
last_response.status.should == 200
end
end
To reduce duplication, you can move both basic_auth and app methods to a module, which will be included on RSpec.
RSpec.configure do |config|
config.include Rack::Test::Methods
config.include Helpers
end
Your Helpers module may look like this:
module Helpers
def app
Rack::API
end
def basic_auth(username, password)
"Basic " + Base64.encode64("#{username}:#{password}")
end
end
== Helpers
Every Rack::API action has several helper methods available through the
Rack::API::Controller class. Here's some of them:
=== logger
Logs specified message to the STDOUT.
get "/" do
logger.info "Hello index page!"
{}
end
=== headers
Define custom headers that will be sent to the client.
get "/" do
headers["X-Awesome"] = "U R Awesome"
{}
end
== params
Return current request parameters.
get "/" do
{:message => "Hello #{params[:name]}"}
end
== request
Return an object relative to the current request.
== credentials
This method will return an array container both username and password if client
sent Basic Authentication headers.
get "/" do
user, pass = credentials
{:message => "Hello #{user}"}
end
== url_for
Build an URL by merging segments, default URL options and hash with parameters.
Rack::API.app do
default_url_options :host => "example.com", :protocol => "https"
version "v1" do
get "/" do
{:url => url_for(:users, User.find(params[:id])), :format => :json}
end
end
end
== Useful middlewares
=== Rack::API::Middleware::SSL
This middleware will accept only HTTPS requests. Any request over HTTP will be dropped.
Rack::API.app do
use Rack::API::Middleware::SSL
end
=== Rack::API::Middleware::Limit
This middleware will limit access to API based on requests per hour. It requires a Redis connection.
Rack::API.app do
# Use the default settings.
# Will accept 60 requests/hour limited by IP address (REMOTE_ADDR)
use Rack::API::Middleware::Limit, :with => Redis.new
end
Other usages:
# Set custom limit/hour.
# Will accept ± 1 request/second.
use Rack::API::Middleware::Limit, :with => $redis, :limit => 3600
# Set custom string key.
# Will limit by something like env["X-Forwarded-For"].
use Rack::API::Middleware::Limit, :with => $redis, :key => "X-Forwarded-For"
# Set custom block key.
# Will limit by credential (Basic Auth).
Rack::API.app do
basic_auth do |user, pass|
User.authorize(user, pass)
end
use Rack::API::Middleware::Limit, :with => $redis, :key => proc {|env|
request = Rack::Auth::Basic::Request.new(env)
request.credentials[0]
}
end
== Maintainer
* Nando Vieira (http://nandovieira.com.br)
== License
(The MIT License)
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
'Software'), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.