module-and-template-store/app/controllers/api/v1/base_controller.rb

module Api
  module V1
    class BaseController < ApplicationController
   	before_filter :restrict_access
    respond_to :json
    skip_before_filter :verify_authenticity_token


     def current_resource_owner
      User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
     end

     private
      def authorize_client
      	verify_client || render_unauthorized
      end

      def restrict_access
      	authenticate_or_request_with_http_token do |token, options|
	      ApiKey.pluck(:access_token).include?(token)
		end
      end

      def verify_client
      	site_token = request.headers[:HTTP_X_SITETOKEN]
      	site_id = request.headers[:HTTP_X_SITEID]
		client_status  = Client.where(site_token: site_token).where(site_id: site_id).present?
      end

      def render_unauthorized
        self.headers['WWW-Authenticate'] = 'Token realm="Application"'
      	render json: 'Bad credentials', status: 401
      end
    end
  end
end
API Keys and Authorization Framework 2014-02-13 06:51:23 +00:00			`module Api`
			`module V1`
			`class BaseController < ApplicationController`
			`before_filter :restrict_access`
			`respond_to :json`
			`skip_before_filter :verify_authenticity_token`


			`def current_resource_owner`
			`User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token`
			`end`

			`private`
			`def authorize_client`
			`verify_client \|\| render_unauthorized`
			`end`

			`def restrict_access`
			`authenticate_or_request_with_http_token do \|token, options\|`
			`ApiKey.pluck(:access_token).include?(token)`
			`end`
			`end`

			`def verify_client`
			`site_token = request.headers[:HTTP_X_SITETOKEN]`
			`site_id = request.headers[:HTTP_X_SITEID]`
			`client_status = Client.where(site_token: site_token).where(site_id: site_id).present?`
			`end`

			`def render_unauthorized`
			`self.headers['WWW-Authenticate'] = 'Token realm="Application"'`
			`render json: 'Bad credentials', status: 401`
			`end`
			`end`
			`end`
			`end`