ToolJet/app/controllers/application_controller.rb

class ApplicationController < ActionController::API
  include Pundit
  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized

  before_action :authenticate_request
  attr_reader :current_user

  private

  def authenticate_request
    @current_user = AuthorizeApiRequest.call(request.headers).result
    render json: { error: 'Not Authorized' }, status: 401 unless @current_user
  end

  def user_not_authorized
    render json: { error: 'Access denied' }, status: :forbidden
  end
end
Initial commit for rails API 2021-03-31 13:38:49 +00:00			`class ApplicationController < ActionController::API`
Setup Rubocop 2021-04-29 06:41:23 +00:00			`include Pundit`
			`rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized`
Authentication 2021-03-31 16:18:42 +00:00
Setup Rubocop 2021-04-29 06:41:23 +00:00			`before_action :authenticate_request`
			`attr_reader :current_user`
Setup pundit authorization, add tests for apps controller 2021-04-25 12:35:36 +00:00
Setup Rubocop 2021-04-29 06:41:23 +00:00			`private`

			`def authenticate_request`
			`@current_user = AuthorizeApiRequest.call(request.headers).result`
			`render json: { error: 'Not Authorized' }, status: 401 unless @current_user`
			`end`

			`def user_not_authorized`
			`render json: { error: 'Access denied' }, status: :forbidden`
			`end`
Initial commit for rails API 2021-03-31 13:38:49 +00:00			`end`