Class: Stitches::ApiKey
- Inherits:
-
AllowlistMiddleware
- Object
- AllowlistMiddleware
- Stitches::ApiKey
- Defined in:
- lib/stitches/api_key.rb
Overview
A middleware that requires an API key for certain transactions, and makes its id available in the enviornment for controllers.
This follows http://www.ietf.org/rfc/rfc2617.txt for use of custom authorization methods, namely the specification of an API key.
Apps are expected to set the Authorization header (available to Rack apps as the environment variable HTTP_AUTHORIZATION) to
MyInternalRealm key=<<api key>>
where MyInternalRealm is the value returned by Stitches.configuration.custom_http_auth_scheme and
<
If that is the case, env will be the primary key of the ApiClient that it maps to.