There is a rails app that servers an ember.js application via rails-ember
and another site that has the data. Once the ember app is running it gets
ember-data from a data server. In a couple of cases it can also do puts to
the data server via ember data model.save() calls ..


  The ember app on a put does an http options method. For some reason the
options method does not have the api_key that the other methods typically
have.

  Here are changes I made to the rails data server:

============

application.rb in config:

# here I tried to add a specific rule for put, but it did not seem to work ?
# so my rule is very general allowing any put for now
# ..
# ..

config.middleware.use Rack::Cors do

       allow do

         allowed_origins = (ENV['CORS_ORIGINS'] || '').split(',')

         origins(*allowed_origins)

         resource '*', headers: :any, methods: [:get, :options, :put]

         # !!! seperate rule not working ?

         # resource '*/comments/*', headers: :any, methods: [:get, :options,
:put]

       end

     end

##########################

# in my app controller I do not check for logged in user for an options
# method as I am not sure why it does not get an api_key

class ApplicationController < ActionController::Base

   protect_from_forgery

   before_filter :authenticate!


def authenticate!

     unless request.method.eql?('OPTIONS')

       unless current_user

         render json: { error: 'Unauthorized access' }, status: 401

       end

     end

   end

#########################

# one of my other controllers that gets a pre flight options
# method from ember, I did the following:


skip_before_filter :verify_authenticity_token, :only => [:options]


#########################

  If anyone has any comments on how this may work as a solution, how to
improve it etc .. that would be appreciated .. thanks

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/d4c1233e-95e8-43ee-b1fc-74dd11b92855%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouprubyonrails-talk @
categoriesrubyonrails
postedFeb 4, '15 at 6:09p
activeFeb 4, '15 at 6:09p
posts1
users1
websiterubyonrails.org
irc#RubyOnRails

1 user in discussion

Jedrin: 1 post

People

Translate

site design / logo © 2021 Grokbase