|
@@ -12,17 +12,17 @@ class API extends Application
|
12
|
12
|
@name: "api_"
|
13
|
13
|
|
14
|
14
|
@before_filter( api_request =>
|
15
|
|
- -- TODO implement Authorization: api_key VALUE as acceptable method to send api_key
|
16
|
|
- abort "api_key not specified." unless @params.api_key -- this does not seem to be triggering!!!
|
|
15
|
+ return if @user
|
|
16
|
+ if auth = @req.headers["authorization"]
|
|
17
|
+ if auth\len! > 0
|
|
18
|
+ @params.api_key = auth
|
|
19
|
+ abort "api_key not specified." unless @params.api_key
|
17
|
20
|
@api_key = APIKeys\find key: @params.api_key
|
18
|
21
|
abort "Invalid api_key" unless @api_key
|
19
|
22
|
@user = Users\find id: @api_key.user_id
|
20
|
23
|
abort "Invalid api_key." unless @user -- NOTE this should also delete the api_key and error (this should never happen!)
|
21
|
24
|
)
|
22
|
25
|
|
23
|
|
- [err_test: "/err"]: api_request =>
|
24
|
|
- error "this is a testing error"
|
25
|
|
-
|
26
|
26
|
[new: "/new"]: api_request =>
|
27
|
27
|
assert_valid @params, {
|
28
|
28
|
{"content", exists: true, min_length: 1, "Task content not specified."}
|