Use basic auth header for login

Gemfile

@@ -19,7 +19,7 @@ gem 'raddocs'
 group :test, :development do
   gem 'factory_girl_rails'
   gem 'rspec-rails'
-  gem 'rspec_api_documentation'
+  gem 'rspec_api_documentation', :git => "git@github.com:zipmark/rspec_api_documentation"
 end
 
 group :test do

Gemfile.lock

@@ -5,6 +5,18 @@ GIT
     active_model_serializers (0.5.0)
       activemodel (~> 3.0)
 
+GIT
+  remote: git@github.com:zipmark/rspec_api_documentation
+  revision: 4c76c40d61fde428bd012b3e559f6212b6d9e76b
+  specs:
+    rspec_api_documentation (0.8.0)
+      activesupport (>= 3.0.0)
+      i18n (>= 0.1.0)
+      json (>= 1.4.6)
+      mustache (>= 0.99.4)
+      rspec (>= 2.6.0)
+      webmock (>= 1.7.0)
+
 GEM
   remote: https://rubygems.org/
   specs:
@@ -127,13 +139,6 @@ GEM
       activesupport (>= 3.0)
       railties (>= 3.0)
       rspec (~> 2.11.0)
-    rspec_api_documentation (0.8.0)
-      activesupport (>= 3.0.0)
-      i18n (>= 0.1.0)
-      json (>= 1.4.6)
-      mustache (>= 0.99.4)
-      rspec (>= 2.6.0)
-      webmock (>= 1.7.0)
     sass (3.2.1)
     sass-rails (3.2.5)
       railties (~> 3.2.0)
@@ -177,6 +182,6 @@ DEPENDENCIES
   raddocs
   rails (= 3.2.8)
   rspec-rails
-  rspec_api_documentation
+  rspec_api_documentation!
   sass-rails (~> 3.2.3)
   uglifier (>= 1.0.3)

app/controllers/orders_controller.rb

@@ -1,13 +1,19 @@
 class OrdersController < ApplicationController
-  before_filter :authenticate_user!
+  before_filter do
+    authenticate_or_request_with_http_basic do |auth_token, _|
+      @current_user = User.find_by_authentication_token(auth_token)
+      @current_user.present?
+    end
+  end
 
   respond_to :hal
 
   has_scope :date
 
   def index
     orders = current_user.orders.date_descending
-    respond_with apply_scopes(orders), :serializer => OrdersSerializer, :date => params[:date]
+    respond_with apply_scopes(orders),
+      :serializer => OrdersSerializer, :date => params[:date]
   end
 
   def show

config/initializers/mime_types.rb

@@ -8,5 +8,5 @@
 
 ActionDispatch::ParamsParser::DEFAULT_PARSERS[Mime::Type.lookup('application/hal+json')] = 
   lambda do |body|
-    JSON.parse(body)
+    JSON.parse("[#{body}]").first
   end

spec/acceptance/orders_spec.rb

@@ -4,12 +4,13 @@
 resource "Orders" do
   header "Accept", "application/hal+json"
   header "Content-Type", "application/hal+json"
-
-  parameter :auth_token, "Authentication token"
+  header "Authorization", :basic_authorization
 
   let(:user) { create(:user) }
   let(:auth_token) { user.authentication_token }
 
+  let(:basic_authorization) { "Basic " + Base64.encode64("#{auth_token}:#{auth_token}") }
+
   get "/orders" do
     parameter :date, "Search by date"
 
@@ -25,8 +26,6 @@
     let!(:order_2) { create(:order, :date => "2012-08-21", :user => user) }
     let!(:order_3) { create(:order) }
 
-    let(:raw_post) { params.to_json }
-
     example "Listing orders" do
       do_request
 
@@ -118,7 +117,7 @@
 
     let(:total_cents) { 3000 }
 
-    let(:raw_post) { { :order => { :total_cents => total_cents }, :auth_token => auth_token }.to_json }
+    let(:raw_post) { { :order => { :total_cents => total_cents } }.to_json }
 
     example "Creating a new order" do
       do_request
@@ -145,7 +144,7 @@
 
     let(:status) { "charged" }
 
-    let(:raw_post) { { :order => { :status => status }, :auth_token => auth_token }.to_json }
+    let(:raw_post) { { :order => { :status => status } }.to_json }
 
     example "Updating an order" do
       do_request