5
0
Fork 0
mirror of https://0xacab.org/sutty/sutty synced 2024-11-21 22:46:21 +00:00

Cada sitio tiene su propia API

This commit is contained in:
f 2020-05-29 12:42:39 -03:00
parent 90d865bc3b
commit e40f895402
3 changed files with 31 additions and 12 deletions

View file

@ -7,21 +7,31 @@ module Api
http_basic_authenticate_with name: ENV['HTTP_BASIC_USER'],
password: ENV['HTTP_BASIC_PASSWORD']
# Lista de nombres de dominios a emitir certificados
def index
render json: Site.all.order(:name).pluck(:name) +
DeployAlternativeDomain.all.map(&:hostname)
render json: sites_names + alternative_names + api_names
end
# Detecta si se puede generar un certificado
def allowed
name = params[:domain].gsub(/\.#{Site.domain}\Z/, '')
site = Site.find_by(name: name)
private
if site
head :ok
else
head :not_found
end
# Nombres de los sitios
def sites_names
Site.all.order(:name).pluck(:name)
end
# Dominios alternativos
def alternative_names
DeployAlternativeDomain.all.map(&:hostname)
end
# Obtener todos los sitios con API habilitada, es decir formulario
# de contacto y/o colaboración anónima.
#
# TODO: Optimizar
def api_names
Site.where(contact: true)
.or(Site.where(colaboracion_anonima: true))
.select("'api.' || name as name").map(&:name)
end
end
end

View file

@ -16,10 +16,10 @@ Rails.application.routes.draw do
scope module: 'api' do
namespace :v1 do
resources :csp_reports, only: %i[create]
get 'sites/allowed', to: 'sites#allowed'
resources :sites, only: %i[index], constraints: { site_id: /[a-z0-9\-\.]+/, id: /[a-z0-9\-\.]+/ } do
get 'invitades/cookie', to: 'invitades#cookie'
resources :posts, only: %i[create]
get :'contact/cookie', to: 'contact#cookie'
post :contact, to: 'contact#receive'
end
end

View file

@ -0,0 +1,9 @@
# frozen_string_literal: true
# Los sitios pueden tener un formulario de contacto. Pueden
# deshabilitarlo si están recibiendo spam o un ataque.
class AddContactToSite < ActiveRecord::Migration[6.0]
def change
add_column :sites, :contact, :boolean, default: false
end
end