There are times when you’re building web applications and just the basics is enough for your initial needs. Take tonight when I needed a single API end point that was protected by a token.
Rather than go down the road of utilizing web tokens or another authentication method, I decided to use the
authenticate_or_request_with_token method that rails provides.
What it does is it takes the token from the request and we can then use it to match against an existing record or environment variable in our application. For this scenario, I need just to do a check on an environment variable.
module Api class EventsController < ApplicationController before_action :authenticate def index # Do some action here end private def authenticate authenticate_or_request_with_http_token do |token, _options| token == ENV['API_TOKEN'] end end end end