From feb1deba848a5e9175fed7fa7b54109d462fa17b Mon Sep 17 00:00:00 2001 From: Saurabh Bhatia Date: Thu, 13 Feb 2014 16:58:01 +0800 Subject: [PATCH] Removed unnecessary code, added authentication for clients controller for admin --- app/controllers/api/v1/base_controller.rb | 6 +++--- app/controllers/clients_controller.rb | 1 + config/routes.rb | 4 +--- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/app/controllers/api/v1/base_controller.rb b/app/controllers/api/v1/base_controller.rb index b574c4d..e2d6674 100644 --- a/app/controllers/api/v1/base_controller.rb +++ b/app/controllers/api/v1/base_controller.rb @@ -17,14 +17,14 @@ module Api def restrict_access authenticate_or_request_with_http_token do |token, options| - ApiKey.pluck(:access_token).include?(token) - end + ApiKey.pluck(:access_token).include?(token) + end end def verify_client site_token = request.headers[:HTTP_X_SITETOKEN] site_id = request.headers[:HTTP_X_SITEID] - client_status = Client.where(site_token: site_token).where(site_id: site_id).present? + client_status = Client.where(site_token: site_token).where(site_id: site_id).present? end def render_unauthorized diff --git a/app/controllers/clients_controller.rb b/app/controllers/clients_controller.rb index a274bed..84875d4 100644 --- a/app/controllers/clients_controller.rb +++ b/app/controllers/clients_controller.rb @@ -1,5 +1,6 @@ class ClientsController < ApplicationController before_action :set_client, only: [:show, :edit, :update, :destroy] + before_filter :authenticate_user!, only: [:new, :edit, :create, :update, :destroy] # GET /clients # GET /clients.json diff --git a/config/routes.rb b/config/routes.rb index 55fab86..a3a6839 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -12,9 +12,7 @@ Mtstore::Application.routes.draw do scope module: :v1, constraints: ApiConstraints.new(version: 1, default: :true) do resources :templates resources :extensions - resources :clients do - post 'verify_client', on: :collection - end + resources :clients end end resources :templates