completed SMS gateway project
This commit is contained in:
0
app/controllers/concerns/.keep
Normal file
0
app/controllers/concerns/.keep
Normal file
73
app/controllers/concerns/api_authenticatable.rb
Normal file
73
app/controllers/concerns/api_authenticatable.rb
Normal file
@@ -0,0 +1,73 @@
|
||||
module ApiAuthenticatable
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
included do
|
||||
before_action :authenticate_api_key!
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def authenticate_api_key!
|
||||
api_key = extract_api_key
|
||||
return render_unauthorized("Missing API key") unless api_key
|
||||
|
||||
key_digest = Digest::SHA256.hexdigest(api_key)
|
||||
|
||||
if api_key.start_with?("gw_")
|
||||
authenticate_gateway(key_digest)
|
||||
else
|
||||
authenticate_client_api_key(key_digest)
|
||||
end
|
||||
end
|
||||
|
||||
def authenticate_gateway(key_digest)
|
||||
@current_gateway = Gateway.find_by(api_key_digest: key_digest, active: true)
|
||||
|
||||
unless @current_gateway
|
||||
render_unauthorized("Invalid gateway API key")
|
||||
end
|
||||
end
|
||||
|
||||
def authenticate_client_api_key(key_digest)
|
||||
@current_api_key = ApiKey.find_by(key_digest: key_digest, active: true)
|
||||
|
||||
unless @current_api_key
|
||||
render_unauthorized("Invalid API key")
|
||||
return
|
||||
end
|
||||
|
||||
# Check if key has expired
|
||||
if @current_api_key.expires_at.present? && @current_api_key.expires_at < Time.current
|
||||
render_unauthorized("API key has expired")
|
||||
return
|
||||
end
|
||||
|
||||
@current_api_key.touch(:last_used_at)
|
||||
end
|
||||
|
||||
def extract_api_key
|
||||
auth_header = request.headers["Authorization"]
|
||||
return nil unless auth_header
|
||||
|
||||
# Support both "Bearer token" and just "token"
|
||||
auth_header.sub(/^Bearer\s+/, "")
|
||||
end
|
||||
|
||||
def render_unauthorized(message = "Unauthorized")
|
||||
render json: { error: message }, status: :unauthorized
|
||||
end
|
||||
|
||||
def current_gateway
|
||||
@current_gateway
|
||||
end
|
||||
|
||||
def current_api_key
|
||||
@current_api_key
|
||||
end
|
||||
|
||||
def require_permission(permission)
|
||||
unless @current_api_key&.can?(permission)
|
||||
render json: { error: "Insufficient permissions" }, status: :forbidden
|
||||
end
|
||||
end
|
||||
end
|
||||
54
app/controllers/concerns/rate_limitable.rb
Normal file
54
app/controllers/concerns/rate_limitable.rb
Normal file
@@ -0,0 +1,54 @@
|
||||
module RateLimitable
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
private
|
||||
|
||||
def rate_limit_check!(key, limit:, period:)
|
||||
cache_key = "rate_limit:#{key}"
|
||||
count = Rails.cache.read(cache_key) || 0
|
||||
|
||||
if count >= limit
|
||||
render_rate_limit_exceeded(period)
|
||||
return false
|
||||
end
|
||||
|
||||
Rails.cache.write(cache_key, count + 1, expires_in: period)
|
||||
true
|
||||
end
|
||||
|
||||
def rate_limit_increment(key, period:)
|
||||
cache_key = "rate_limit:#{key}"
|
||||
current_count = Rails.cache.read(cache_key) || 0
|
||||
Rails.cache.write(cache_key, current_count + 1, expires_in: period)
|
||||
end
|
||||
|
||||
def rate_limit_reset(key)
|
||||
cache_key = "rate_limit:#{key}"
|
||||
Rails.cache.delete(cache_key)
|
||||
end
|
||||
|
||||
def render_rate_limit_exceeded(retry_after)
|
||||
render json: {
|
||||
error: "Rate limit exceeded",
|
||||
retry_after: retry_after.to_i
|
||||
}, status: :too_many_requests
|
||||
end
|
||||
|
||||
# Rate limit based on IP address
|
||||
def rate_limit_by_ip!(limit:, period:)
|
||||
ip_address = request.remote_ip
|
||||
rate_limit_check!("ip:#{ip_address}", limit: limit, period: period)
|
||||
end
|
||||
|
||||
# Rate limit based on API key
|
||||
def rate_limit_by_api_key!(limit:, period:)
|
||||
return true unless @current_api_key
|
||||
|
||||
rate_limit_check!("api_key:#{@current_api_key.id}", limit: limit, period: period)
|
||||
end
|
||||
|
||||
# Rate limit based on phone number
|
||||
def rate_limit_by_phone!(phone_number, limit:, period:)
|
||||
rate_limit_check!("phone:#{phone_number}", limit: limit, period: period)
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user