Is there a Rails plugin or a rubygem that gives you a starting point for adding an api to your Rails app? We want to use the API Key/Secret Key model, the API should also be versionable. Is there something out there that will give us some, if not all of this?
The only way to hide it is to proxy your request through your own server. Netlify Functions are a free way to add some simple backend code to a frontend app. This is this method I used while learning to program in college, where I needed to share my progress with my peer group without disclosing my API keys.
Publicly exposing your credentials can result in your account being compromised, which could lead to unexpected charges on your account.
Amazon Web Services style API keys including a key ID and a secret key, which are used together to securely authenticate the client. The API key ID is included in all requests to identify the client. The secret key is known only to the client and the API Gateway.
Check out this plugin for AuthLogic:
http://github.com/phurni/authlogic_api
I think that does what you are looking for.
The OAuth plugin could be useful for the keys. It may look like OAuth is only for user authentication, but if you autogenerate the access tokens and give them to developers, instead of having an interactive user process with request tokens and account authorization, then you basically have a quite secure API key system. And the plugin will just drop in nicely.
Other than that, some nice use of rails' routes (with conditions to call a different action on get, post, put, etc, and a prefix of /api/v1/) and format (format.xml, format.js, etc) provides a pretty nice way to build RESTful APIs, withought really needing a plugin.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With