Class: RageController::API

Inherits:
Object
  • Object
show all
Defined in:
lib/rage/controller/api.rb

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.after_action(action_name = nil, **opts, &block) ⇒ Object

Register a new after_action hook. Calls with the same action_name will overwrite the previous ones.

Examples:

after_action :log_detailed_metrics, only: :create

Parameters:

  • action_name (Symbol, nil) (defaults to: nil)

    the name of the callback to add

  • opts (Hash)

    action options

Options Hash (**opts):

  • :only (Symbol, Array<Symbol>)

    restrict the callback to run only for specific actions

  • :except (Symbol, Array<Symbol>)

    restrict the callback to run for all actions except specified

  • :if (Symbol, Proc)

    only run the callback if the condition is true

  • :unless (Symbol, Proc)

    only run the callback if the condition is false



262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
# File 'lib/rage/controller/api.rb', line 262

def after_action(action_name = nil, **opts, &block)
  action = prepare_action_params(action_name, **opts, &block)

  if @__after_actions && @__after_actions.frozen?
    @__after_actions = @__after_actions.dup
  end

  if @__after_actions.nil?
    @__after_actions = [action]
  elsif (i = @__after_actions.find_index { |a| a[:name] == action_name })
    @__after_actions[i] = action
  else
    @__after_actions << action
  end
end

.before_action(action_name = nil, **opts, &block) ⇒ Object

Note:

The block form doesn't receive an argument and is executed on the controller level as if it was a regular method.

Register a new before_action hook. Calls with the same action_name will overwrite the previous ones.

Examples:

before_action :find_photo, only: :show

def find_photo
  Photo.first
end
before_action :require_user, unless: :logged_in?
before_action :set_locale, if: -> { params[:locale] != "en-US" }
before_action do
  unless logged_in? # would be `controller.send(:logged_in?)` in Rails
    head :unauthorized
  end
end

Parameters:

  • action_name (Symbol, nil) (defaults to: nil)

    the name of the callback to add

  • opts (Hash)

    action options

Options Hash (**opts):

  • :only (Symbol, Array<Symbol>)

    restrict the callback to run only for specific actions

  • :except (Symbol, Array<Symbol>)

    restrict the callback to run for all actions except specified

  • :if (Symbol, Proc)

    only run the callback if the condition is true

  • :unless (Symbol, Proc)

    only run the callback if the condition is false



236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
# File 'lib/rage/controller/api.rb', line 236

def before_action(action_name = nil, **opts, &block)
  action = prepare_action_params(action_name, **opts, &block)

  if @__before_actions && @__before_actions.frozen?
    @__before_actions = @__before_actions.dup
  end

  if @__before_actions.nil?
    @__before_actions = [action]
  elsif (i = @__before_actions.find_index { |a| a[:name] == action_name })
    @__before_actions[i] = action
  else
    @__before_actions << action
  end
end

.rescue_from(*klasses, with: nil, &block) ⇒ Object

Register a global exception handler. Handlers are inherited and matched from bottom to top.

Examples:

rescue_from User::NotAuthorized, with: :deny_access

def deny_access
  head :forbidden
end
rescue_from User::NotAuthorized do |exception|
  render json: { message: exception.message }, status: :forbidden
end

Parameters:

  • klasses (Class, Array<Class>)

    exception classes to watch on

  • with (Symbol) (defaults to: nil)

    the name of a handler method. Alternatively, you can pass a block.



193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
# File 'lib/rage/controller/api.rb', line 193

def rescue_from(*klasses, with: nil, &block)
  unless with
    if block_given?
      with = define_tmp_method(block)
    else
      raise ArgumentError, "No handler provided. Pass the `with` keyword argument or provide a block."
    end
  end

  if @__rescue_handlers.nil?
    @__rescue_handlers = []
  elsif @__rescue_handlers.frozen?
    @__rescue_handlers = @__rescue_handlers.dup
  end

  @__rescue_handlers.unshift([klasses, with])
end

.skip_before_action(action_name, only: nil, except: nil) ⇒ Object

Prevent a before_action hook from running.

Examples:

skip_before_action :find_photo, only: :create

Parameters:

  • action_name (Symbol)

    the name of the callback to skip

  • only (Symbol, Array<Symbol>) (defaults to: nil)

    restrict the callback to be skipped only for specific actions

  • except (Symbol, Array<Symbol>) (defaults to: nil)

    restrict the callback to be skipped for all actions except specified

Raises:

  • (ArgumentError)


285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
# File 'lib/rage/controller/api.rb', line 285

def skip_before_action(action_name, only: nil, except: nil)
  i = @__before_actions&.find_index { |a| a[:name] == action_name }
  raise ArgumentError, "The following action was specified to be skipped but couldn't be found: #{self}##{action_name}" unless i

  @__before_actions = @__before_actions.dup if @__before_actions.frozen?

  if only.nil? && except.nil?
    @__before_actions.delete_at(i)
    return
  end

  action = @__before_actions[i].dup
  if only
    action[:except] ? action[:except] |= Array(only) : action[:except] = Array(only)
  end
  if except
    action[:only] = Array(except)
  end

  @__before_actions[i] = action
end

.wrap_parameters(key, include: [], exclude: []) ⇒ Object

Wraps the parameters hash into a nested hash. This will allow clients to submit requests without having to specify any root elements. Params get wrapped only if the Content-Type header is present and the params hash doesn't contain a param with the same name as the wrapper key.

Examples:

wrap_parameters :user, include: %i[name age]
wrap_parameters :user, exclude: %i[address]

Parameters:

  • key (Symbol)

    the wrapper key

  • include (Symbol, Array<Symbol>) (defaults to: [])

    the list of attribute names which parameters wrapper will wrap into a nested hash

  • exclude (Symbol, Array<Symbol>) (defaults to: [])

    the list of attribute names which parameters wrapper will exclude from a nested hash



317
318
319
320
# File 'lib/rage/controller/api.rb', line 317

def wrap_parameters(key, include: [], exclude: [])
  @__wrap_parameters_key = key
  @__wrap_parameters_options = { include:, exclude: }
end

Instance Method Details

#append_info_to_payload(payload) ⇒ Object

Define this method to add more information to request logs.

Examples:

def append_info_to_payload(payload)
  payload[:response] = response.body
end

Parameters:

  • payload (Hash)

    the payload to add additional information to



# File 'lib/rage/controller/api.rb', line 549

#authenticate_or_request_with_http_token {|token| ... } ⇒ Object

Authenticate using an HTTP Bearer token, or otherwise render an HTTP header requesting the client to send a Bearer token. For the authentication to be considered successful, the block should return a non-nil value.

Examples:

before_action :authenticate

def authenticate
  authenticate_or_request_with_http_token do |token|
    ApiToken.find_by(token: token)
  end
end

Yields:

  • (token)

    token value extracted from the Authorization header



485
486
487
# File 'lib/rage/controller/api.rb', line 485

def authenticate_or_request_with_http_token
  authenticate_with_http_token { |token| yield(token) } || request_http_token_authentication
end

#authenticate_with_http_token {|token| ... } ⇒ Object

Authenticate using an HTTP Bearer token. Returns the value of the block if a token is found. Returns nil if no token is found.

Examples:

user = authenticate_with_http_token do |token|
  User.find_by(key: token)
end

Yields:

  • (token)

    token value extracted from the Authorization header



450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
# File 'lib/rage/controller/api.rb', line 450

def authenticate_with_http_token
  auth_header = @__env["HTTP_AUTHORIZATION"]

  payload = if auth_header&.start_with?("Bearer")
    auth_header[7..]
  elsif auth_header&.start_with?("Token")
    auth_header[6..]
  end

  return unless payload

  token = if payload.start_with?("token=")
    payload[6..]
  else
    payload
  end

  token.delete_prefix!('"')
  token.delete_suffix!('"')

  yield token
end

#cookiesRage::Cookies

Get the cookie object. See Rage::Cookies.

Returns:



371
372
373
# File 'lib/rage/controller/api.rb', line 371

def cookies
  @cookies ||= Rage::Cookies.new(@__env, @__headers)
end

#head(status) ⇒ Object

Send a response with no body.

Examples:

head :unauthorized
head 429

Parameters:

  • status (Integer, Symbol)

    set a response status



424
425
426
427
428
429
430
431
432
# File 'lib/rage/controller/api.rb', line 424

def head(status)
  @__rendered = true

  @__status = if status.is_a?(Symbol)
    ::Rack::Utils::SYMBOL_TO_STATUS_CODE[status]
  else
    status
  end
end

#headersHash

Set response headers.

Examples:

headers["Content-Type"] = "application/pdf"

Returns:

  • (Hash)


439
440
441
# File 'lib/rage/controller/api.rb', line 439

def headers
  @__headers
end

#paramsHash{Symbol=>String,Array,Hash,Numeric,NilClass,TrueClass,FalseClass}

Get the request data. The keys inside the hash are symbols, so params.keys returns an array of Symbol.
You can also load Strong Params to have Rage automatically wrap params in an instance of ActionController::Parameters.
At the same time, if you are not implementing complex filtering rules or working with nested structures, consider using native Hash#fetch and Hash#slice instead.

For multipart file uploads, the uploaded files are represented by an instance of Rage::UploadedFile.

Examples:

# make sure to load strong params before the `require "rage/all"` call
require "active_support/all"
require "action_controller/metal/strong_parameters"

params.permit(:user).require(:full_name, :dob)
# without strong params
params.fetch(:user).slice(:full_name, :dob)

Returns:

  • (Hash{Symbol=>String,Array,Hash,Numeric,NilClass,TrueClass,FalseClass})


512
513
514
# File 'lib/rage/controller/api.rb', line 512

def params
  @__params
end

#render(json: nil, plain: nil, status: nil) ⇒ Object

Note:

render doesn't terminate execution of the action, so if you want to exit an action after rendering, you need to do something like render(...) and return.

Send a response to the client.

Examples:

render json: { hello: "world" }
render status: :ok
render plain: "hello world", status: 201

Parameters:

  • json (String, Object) (defaults to: nil)

    send a json response to the client; objects like arrays will be serialized automatically

  • plain (String) (defaults to: nil)

    send a text response to the client

  • status (Integer, Symbol) (defaults to: nil)

    set a response status



393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
# File 'lib/rage/controller/api.rb', line 393

def render(json: nil, plain: nil, status: nil)
  raise "Render was called multiple times in this action" if @__rendered
  @__rendered = true

  if json || plain
    @__body << if json
      json.is_a?(String) ? json : json.to_json
    else
      headers["content-type"] = "text/plain; charset=utf-8"
      plain.to_s
    end

    @__status = 200
  end

  if status
    @__status = if status.is_a?(Symbol)
      ::Rack::Utils::SYMBOL_TO_STATUS_CODE[status]
    else
      status
    end
  end
end

#requestRage::Request

Get the request object. See Rage::Request.

Returns:



359
360
361
# File 'lib/rage/controller/api.rb', line 359

def request
  @request ||= Rage::Request.new(@__env)
end

#request_http_token_authenticationObject

Render an HTTP header requesting the client to send a Bearer token for authentication.



490
491
492
493
# File 'lib/rage/controller/api.rb', line 490

def request_http_token_authentication
  headers["Www-Authenticate"] = "Token"
  render plain: "HTTP Token: Access denied.", status: 401
end

#reset_sessionObject

Reset the entire session. See Rage::Session.



558
559
560
# File 'lib/rage/controller/api.rb', line 558

def reset_session
  session.clear
end

#responseRage::Response

Get the response object. See Rage::Response.

Returns:



365
366
367
# File 'lib/rage/controller/api.rb', line 365

def response
  @response ||= Rage::Response.new(@__headers, @__body)
end

#sessionRage::Session

Get the session object. See Rage::Session.

Returns:



377
378
379
# File 'lib/rage/controller/api.rb', line 377

def session
  @session ||= Rage::Session.new(cookies)
end

#stale?(etag: nil, last_modified: nil) ⇒ Boolean

Note:

stale? will set the response status to 304 if the request is fresh. This side effect will cause a double render error, if render gets called after this method. Make sure to implement a proper conditional in your action to prevent this from happening:

if stale?(etag: "123")
  render json: { hello: "world" }
end

Checks if the request is stale to decide if the action has to be rendered or the cached version is still valid. Use this method to implement conditional GET.

Examples:

stale?(etag: "123", last_modified: Time.utc(2023, 12, 15))
stale?(last_modified: Time.utc(2023, 12, 15))
stale?(etag: "123")

Parameters:

  • etag (String) (defaults to: nil)

    The etag of the requested resource.

  • last_modified (Time) (defaults to: nil)

    The last modified time of the requested resource.

Returns:

  • (Boolean)

    True if the response is stale, false otherwise.



536
537
538
539
540
541
# File 'lib/rage/controller/api.rb', line 536

def stale?(etag: nil, last_modified: nil)
  still_fresh = request.fresh?(etag:, last_modified:)

  head :not_modified if still_fresh
  !still_fresh
end