module RooOnRails::Concerns::RequireApiKey
This concern allows API authentication in a consistent manner.
If a service connects with basic auth using the username “service” then the `SERVICE_CLIENT_KEY` environment variable must have the given password as one of the comma separated strings within it or a 403 will be raised.
@example: Any service with an acceptable key can access routes
class ThingController < ApplicationController include RooOnRails::Concerns::RequireApiKey require_api_key # etc end
@example: Only the specified clients can access specific routes in this controller
class ThingController < ApplicationController include RooOnRails::Concerns::RequireApiKey require_api_key(only_services: :my_service, only: :create) # etc end
Attributes
current_client[R]