DvelpApiAuth
This gem provides an ability to auth through api
Installation
Add this line to your application's Gemfile:
gem 'dvelp_api_auth'
And then execute:
$ bundle
Or install it yourself as:
$ gem install dvelp_api_auth
Usage
Set the secret key for the API:
# config/initializers/dvelp_api_auth.rb
DvelpApiAuth.configure do |config|
config.api_auth_secret_key = 'strong secret'
end
Development
After checking out the repo, run bin/setup
to install dependencies. Then, run rake spec
to run the tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
Integration with API
Example of generating headers on JS
In this example we used crypto-js javascript library.
// Require library
const CryptoJS = require("crypto-js");
// Secret key
const DVELP_API_AUTH_SECRET_KEY = 'dvelp-api-auth-secret-key';
// Value for AUTHORISATION header
const generateAuthHeader = (timestamp) => {
const path = '/path-to-action'; // (URI) example '/api/resources/:id'
const path_utf8 = CryptoJS.enc.Utf8.parse(path);
const string = timestamp + CryptoJS.enc.Base64.stringify(path_utf8);
return CryptoJS.HmacSHA256(string, DVELP_API_AUTH_SECRET_KEY);
};
// Time of the request
const timestamp = Math.floor(Date.now() / 1000);
// Headers which we send with every request
{
'ACCEPT': 'application/vnd.api+json',
'TIMESTAMP': timestamp,
'AUTHORISATION': generateAuthHeader(timestamp)
}
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/dvelp_api_auth.