Permalink
Browse files

Stop requiring SSL for the API controllers

  • Loading branch information...
1 parent 84f93e9 commit 3e1ced8200d472a481b6d0512b3c10a44152ac6f Josh Clayton and Nick Quaranto committed with qrush Oct 1, 2010
@@ -0,0 +1,3 @@
+class Api::BaseController < ApplicationController
+ skip_before_filter :require_ssl
+end
@@ -1,4 +1,4 @@
-class Api::V1::ApiKeysController < ApplicationController
+class Api::V1::ApiKeysController < Api::BaseController
before_filter :redirect_to_root, :unless => :signed_in?, :only => [:reset]
def show
@@ -1,4 +1,4 @@
-class Api::V1::DependenciesController < ApplicationController
+class Api::V1::DependenciesController < Api::BaseController
def index
gem_list = params[:gems].split(',')
@@ -1,4 +1,4 @@
-class Api::V1::DownloadsController < ApplicationController
+class Api::V1::DownloadsController < Api::BaseController
before_filter :find_gem, :only => [:show]
@@ -1,4 +1,4 @@
-class Api::V1::OwnersController < ApplicationController
+class Api::V1::OwnersController < Api::BaseController
skip_before_filter :verify_authenticity_token, :only => [:create, :destroy]
@@ -1,4 +1,4 @@
-class Api::V1::RubygemsController < ApplicationController
+class Api::V1::RubygemsController < Api::BaseController
skip_before_filter :verify_authenticity_token, :only => [:create, :yank, :unyank]
before_filter :authenticate_with_api_key, :only => [:create, :yank, :unyank]
@@ -1,4 +1,4 @@
-class Api::V1::SearchesController < ApplicationController
+class Api::V1::SearchesController < Api::BaseController
skip_before_filter :verify_authenticity_token
@@ -1,4 +1,4 @@
-class Api::V1::WebHooksController < ApplicationController
+class Api::V1::WebHooksController < Api::BaseController
skip_before_filter :verify_authenticity_token
before_filter :authenticate_with_api_key
@@ -1,5 +1,7 @@
class ApplicationController < ActionController::Base
include Clearance::Authentication
+ include SimpleSSLRequirement
+
protect_from_forgery :only => [:create, :update, :destroy]
ssl_required :if => :signed_in?
@@ -4,6 +4,8 @@ class ProfilesController < ApplicationController
def edit
end
+ def show
+ end
def update
if current_user.update_attributes(params[:user])
@@ -1,7 +1,7 @@
<div id="profile">
<div id="profile-left">
<div id="avatar-frame">
- <%= gravatar(150, "profile_gravatar") %>
+ <%= gravatar(256, "profile_gravatar") %>
</div>
<div id="profile-info">
<h2 id="profile-name">fyates</h2>
View
@@ -60,7 +60,7 @@
resource :search, :only => :show
resource :dashboard, :only => :show
- resource :profile, :only => [:edit, :update]
+ resource :profile, :only => [:edit, :update, :show]
resources :stats, :only => :index
resources :rubygems, :only => :index, :path => "gems" do
@@ -1,16 +1,25 @@
module SimpleSSLRequirement
- def ssl_required(options={})
- options.reverse_merge!(:environments => %w(production staging test))
+ def self.included(base)
+ base.extend(ClassMethods)
+ base.class_eval do
+ private
- if options.delete(:environments).include?(Rails.env)
- before_filter options do
+ def require_ssl
if !request.ssl?
redirect_to "https://#{request.host}#{request.fullpath}"
flash.keep
end
end
end
end
-end
-ActionController::Base.extend SimpleSSLRequirement
+ module ClassMethods
+ def ssl_required(options={})
+ options.reverse_merge!(:environments => %w(production staging test))
+
+ if options.delete(:environments).include?(Rails.env)
+ before_filter :require_ssl, options
+ end
+ end
+ end
+end

0 comments on commit 3e1ced8

Please sign in to comment.