Merge pull request #1842 from internetee/separate-api-key-for-bounces

RWHOIS Bridge: Create separate key for Bounces API
2025-07-24 11:38:30 +02:00 · 2021-02-10 14:15:31 +02:00 · 2021-02-10 14:15:31 +02:00 · 2e582283a5
commit 2e582283a5
parent 476093f3ce 1b6c451656
5 changed files with 14 additions and 7 deletions
--- a/app/controllers/api/v1/base_controller.rb
+++ b/app/controllers/api/v1/base_controller.rb
@ -11,7 +11,7 @@ module Api
      end

      def authenticate_shared_key
-        api_key = "Basic #{ENV['internal_api_key']}"
+        api_key = "Basic #{ENV['rwhois_internal_api_shared_key']}"
        head(:unauthorized) unless api_key == request.authorization
      end

--- a/app/controllers/api/v1/bounces_controller.rb
+++ b/app/controllers/api/v1/bounces_controller.rb
@ -1,7 +1,7 @@
 module Api
  module V1
    class BouncesController < BaseController
-      before_action :authenticate_shared_key
+      before_action :validate_shared_key_integrity

      # POST api/v1/bounces/
      def create
@ -20,6 +20,13 @@ module Api

        params.require(:data)
      end
+
+      private
+
+      def validate_shared_key_integrity
+        api_key = "Basic #{ENV['rwhois_bounces_api_shared_key']}"
+        head(:unauthorized) unless api_key == request.authorization
+      end
    end
  end
 end